case 6.4
pdf
keyboard_arrow_up
School
Florida International University *
*We aren’t endorsed by this school
Course
6021
Subject
Information Systems
Date
Dec 6, 2023
Type
Pages
3
Uploaded by MagistrateNeutron5037
Case 6.4: Autopsy of a Data Breach: The Target Case
ISM 6021
Part 1: Sources of Risk: Analyze every source of risk: Well-meaning Employees, Malicious Employees, Targeted Attacks, Partners (Business and Technology) and Technology Components and see how they were relevant in the Target Data Breach.
Well meaning employees: These employees allowed the attackers to enter Target’s systems through a method of phishing. They used a phishing email. These employees due to their negligence allowed the hackers to access the system. Employees have to be taught better to act and respond in these certain situations. Have the knowledge to not be baited such as the HVAC contractor’s employees were. This was the initial entry, in which makes it the most important. Target employees also didn’t respond to the threat as level 1 alerts were notified. More effective response would have prevented this. Malicious Employees:
These employees can participate in data breaches. One way it leads to data breaches is that they misused their granted access to leak confidential information. In relevance to the Target case, the breach was done by external factors but one can’t truly rule out the involvement of malicious employees. Targeted Attacks:
In Target’s case, the breach was performed by hackers. Hackers look at weak parts of the network’s infrastructure to gain access. They use malware to enter the system, specifically point of sale system also known as POS, in which they stole payment data on the cards used. The hacker’s knowledge in their craft allowed them to exploit Target’s weak security defense to enter the system to steal sensitive information on their customers. Partners (Business and Technology):
The primary breach was performed as an attack to a third party HVAC contractor firm Fazio Mechanical Services. In which it had access to Target’s network which was the goal. Fazio Mechanical Services had remote access to Target’s network for purposes of electronic billing, contract submission and project management. As explained, these hackers can capitalize on the business partner weak security system to gain access to Target’s primary systems. The business partner’s (HVAC contractor) system was easier to access by the attacker, they utilized that vulnerability as a entrance point into Target. Technology Components:
The breach was located in the POS systems, which are the point of sale systems. These shows the feeble security configurations in these components were utilized to the attackers benefit. As a result, the hackers gain access to customer’s private payment data from the POS system. The vulnerabilities of these technology components allowed the hackers to get close to their goal. Part 2: How could have Target protected itself based on the 5 sources of risk: Well-
meaning Employees, Malicious Employees, Targeted Attacks, Partners (Business and Technology) and Technology Components and see how they were relevant in the Target Data Breach.
For Target to protect itself based on the five sources of risk would be to have the latest security software and operating systems. These would be the best defense against malware from outside sources and other online threats, as in this day and age is more prominent as the world is more interconnected. Utilizing the latest advanced firewall which is a group of related programs which keeps out outsiders from entering the system from private networks. Business partners also updating the latest security would protect Target from future attacks. Part 3: As a Manager in your Organization, what are your take-aways from this case?
In conclusion, the breaches were done by multiple factors in which each played a role in the final outcome. The employees attacked under the phishing email, the business partner in this case the HVAC contractor and the attackers exploiting weak security measures allowed them access. The initial breach on the HVAC contractor which lead to Taget shows how important it is to secure the whole supply chain. As explained in part
2, online threats are more prominent in this era as malware becomes more advance and tricky to identify and handle. Tricky malware as BlackPOS is difficult to detect and deletes any traces left behind. We need to take proper measures in securing all our weak links, if it is technological components, business partners or better trained employees. As each link is secure, it would pose more challenging for attackers to reach their goals and gain access to companies systems such as Target and protect its customer’s sensitive information.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help