Stolen Vendor Credentials Responsible for Target Breach

Stolen Vendor Credentials Responsible for Target Breach

If I’ve said it once, I’ll say it a thousand times again. Today’s hackers are a highly intelligent, sophisticated bunch of people. Advanced hackers often take advantage of low-level employees or outside vendors, moving laterally through networks to gain access to valuable data.

"Technology vendors aren't your typical remote users,” said Jeff Swearingen, co-founder and CEO of SecureLink. “One vendor may have thousands of technicians that require access on a revolving basis. Login credentials issued to Todd on Tuesday may be used by Wendy on Wednesday and so on – with access to a company's most sensitive data.”

With thousands of technicians, it’s quite possible that suave hackers can persuade at least one of them to hand over their login credentials.

Stolen Vendor Credentials Responsible for Target BreachMost of us are familiar with the whole Target hack debacle, and according to media sources, Target’s investigation to determine the responsible party has led them to a stolen vendor’s credentials as a source of access.

Target hasn't revealed how the credentials were stolen or which outlet was used, but this particular portal does have limited access to Target’s computer systems during the remainder of the investigation. Target did say that the hacker’s used a system that was not related to payment areas, but it’s still unknown how exactly the hackers moved from an unrelated platform to Target’s point-of-sale devices.

"Hackers are intelligent and sophisticated, so it's not unreasonable to think that even a well-run organization could be a victim," noted Swearingen.

What can organizations do to help prevent this type of victimization?

“Successful management of vendor remote access starts with a policy recognizing the difference between your internal users and your vendors,” explained Swearingen. “It eliminates shared logins, restricts access to required privileges only, protects admin credentials and audits all activity in real-time at the individual user level.”

I wonder if Target is considering implementing such a strategy for future management of vendor remote access.

About the Author

Ginger Hill is Group Social Media Manager.

Featured

Featured Cybersecurity

Webinars

New Products

  • Camden Door Controls ‘SER” Surface Boxes and Extension Rings

    Camden Door Controls ‘SER” Surface Boxes and Extension Rings

    Camden Door Controls has introduced new ‘SER” surface boxes and extension rings that provide a complete solution for new construction. In addition, they provide a simple and robust solution when replacing round wired and manual push plate switches with either Camden’s wired or wireless SureWave™ no-touch switches or Kinetic™ no-battery wireless switches. 3

  • QCS7230 System-on-Chip (SoC)

    QCS7230 System-on-Chip (SoC)

    The latest Qualcomm® Vision Intelligence Platform offers next-generation smart camera IoT solutions to improve safety and security across enterprises, cities and spaces. The Vision Intelligence Platform was expanded in March 2022 with the introduction of the QCS7230 System-on-Chip (SoC), which delivers superior artificial intelligence (AI) inferencing at the edge. 3

  • LiftMaster Garage Door Opener

    LiftMaster Garage Door Opener

    LiftMaster Transforms the Garage Door Opener Into a Sleek Smart Home Device That Does More Than Open and Close the Garage Door 3