Stolen Vendor Credentials Responsible for Target Breach -- Security Today

Stolen Vendor Credentials Responsible for Target Breach

By Ginger Hill
Jan 30, 2014

If I’ve said it once, I’ll say it a thousand times again. Today’s hackers are a highly intelligent, sophisticated bunch of people. Advanced hackers often take advantage of low-level employees or outside vendors, moving laterally through networks to gain access to valuable data.

"Technology vendors aren't your typical remote users,” said Jeff Swearingen, co-founder and CEO of SecureLink. “One vendor may have thousands of technicians that require access on a revolving basis. Login credentials issued to Todd on Tuesday may be used by Wendy on Wednesday and so on – with access to a company's most sensitive data.”

With thousands of technicians, it’s quite possible that suave hackers can persuade at least one of them to hand over their login credentials.

Stolen Vendor Credentials Responsible for Target Breach Most of us are familiar with the whole Target hack debacle, and according to media sources, Target’s investigation to determine the responsible party has led them to a stolen vendor’s credentials as a source of access.

Target hasn't revealed how the credentials were stolen or which outlet was used, but this particular portal does have limited access to Target’s computer systems during the remainder of the investigation. Target did say that the hacker’s used a system that was not related to payment areas, but it’s still unknown how exactly the hackers moved from an unrelated platform to Target’s point-of-sale devices.

"Hackers are intelligent and sophisticated, so it's not unreasonable to think that even a well-run organization could be a victim," noted Swearingen.

What can organizations do to help prevent this type of victimization?

“Successful management of vendor remote access starts with a policy recognizing the difference between your internal users and your vendors,” explained Swearingen. “It eliminates shared logins, restricts access to required privileges only, protects admin credentials and audits all activity in real-time at the individual user level.”

I wonder if Target is considering implementing such a strategy for future management of vendor remote access.

About the Author

Ginger Hill is Group Social Media Manager.

Data Protection: Your Best Line of Defense Starts Inside

Rethinking City Living: The Challenges and Opportunities

Securitas names Byerly as President, Global Electronic Security, and Engelhardt as new President, Securitas Electronic Security Inc. in North America

Carrier Joins the International Society of Automation Global Cybersecurity Alliance

Michigan School Shooting Suspect to be Charged as Adult

Securing Entertainment Venues
One thing entertainment venues, sports stadiums and theme park officials want to accomplish is getting people back into their seats. That is happening today—but not without understanding and technology. In this episode, AJ DeRosa shares his insight on how COVID-impacted businesses are able to face safety and security issues with confidence and technology. We also discuss visitor expectations and how venue officials can ensure their space is secure as they welcome visitors back.

Digital Edition

November / December 2021

Featuring:

• Navigating System Integration
• Protecting Premises and People
• Cashing in Your VMS System
• Encryption and Compliance
• Security Breach at 38,000 Feet
View This Issue