As many would have rightly guessed, Target has been sued due to the significant data breach affecting its customers in 2013. According to this Reuters article, “Trustmark National Bank and Green Bank NA accused the defendants [,Target Corp and Trustwave Holdings Inc, which provides credit card security services,] of failing to properly secure customer data, enabling the theft of about 40 million payment card records plus 70 million other records.”
This reminds me of the prominent TJX (operator of TJ Maxx stores) data breach eight years ago that affected ~94M records, making it the largest single data breach to date. You can learn more about it on the Hacks of Ages timeline that Erin O’Malley so eloquently described recently. Juniper will add the Target breach to it.
According to the Ponemon Institute 2013 Cost of Data Breach Study: Global Analysis report, German and U.S. companies had the most costly data breaches ($199 and $188 per record, respectively). For U.S. retailer TJX, the financial losses were significant. The company agreed to pay $9.75 million to 41 states. Of this, per the settlement, $5.5 million was to be dedicated to data protection and consumer protection efforts by the states, and $1.75 million was to aid in reimbursement of the costs and fees of the investigation. Further, $2.5 million of the settlement was to be used to fund a Data Security Trust Fund to be used by State Attorneys General to advance enforcement efforts and policy development in the field of data security and protecting consumers’ personal information.
Let’s see how Target financially fares with regards to the settlement. In the meanwhile, I hope that both these and other enterprises will take effective, preventative measures to detect and stop such attacks early. If they don’t protect their customers’ data, certainly, sooner or later, they will have to pay the price. And, as my esteemed colleague, John Pennington, warned loudly and clearly in his blog, which summarizes the findings of a compelling study of the cybercriminal world, “Take action or be hacked!”Read more...
While hacking websites for financial gain continues to be a growing trend, hacking for notoriety has not ceased. A recent case in point is a story released on ZDNET about a 15-year old boy in Austria who hacked into 259 companies over a 90-day period. Upon being caught by the police, he reportedly admitted fault, citing a combination of boredom and desire to prove his skills as motivation for his activity.
Authorities stated that the suspect scanned the Internet for vulnerabilities and bugs in websites and databases that he could then exploit. He used various hacking tools widely available on the Internet, including software that helped him remain anonymous. However, it was this very software that ultimately stopped working and revealed the perpetrator’s IP address to Austria’s Federal Criminal Police Office’s C4 (Cyber Crime Competence Centre) unit, which arrested the teenager.
Unfortunately, the damage had already been done. All that the affected companies can do in retrospect is review the software code for their website, search for the vulnerabilities and remediate them. However, all of this requires time and money. To make matters worse, in certain cases, it may not be possible to remediate the code, such as if it was developed by a third party and the original developers aren’t accessible to make changes.
The victim companies could have benefitted from a security solution that detected the would-be hacker while he was interfacing with the Web site and stopped him cold in his tracks. Such a solution is available from Mykonos Software, a Juniper Networks company. Mykonos Web Security uses an industry unique approach that thwarts an attack literally as it begins. Mykonos detects, tracks, profiles and prevents hackers in real-time. Once deployed alongside the company’s web server(s), Mykonos Web Security works around the clock detecting and preventing attackers. It’s not creating log-files for the security administrator to review to find an attacker. It simply tells how many attackers it detected and what countermeasure response was applied. It’s a security device that works continuously as part of the security team even while the latter is not actively engaged with (e.g., monitoring) the website, which may provide greater peace of mind.
For further information, contact the Mykonos Sales team.Read more...
Discussing a wide range of topics impacting enterprises and
data center security.