Despite alerts received through a $1.6 million malware detection system, Target failed to stop hackers from stealing credit card numbers and personal information of millions of customers, Bloomberg reports.
The November data breach that affected as many as 110 million Target customers could have been stopped in its tracks, according to a story published Thursday by Bloomberg.
Speaking with more than ten former Target employees and eight people with knowledge of the hack, Bloomberg said that Target already had in place a sophisticated malware detection system designed by security firm FireEye. The $1.6 million system was set up specifically to identify hacks and cyberattacks before they had a chance to do real damage.
Highlighting the ingenuity of FireEye's detection system, Bloomberg explained that it creates a parallel network on virtual machines. As such, the hackers are led to believe they're actually breaking into the real thing, thus exposing their attack methods and other breadcrumbs without jeopardizing the true network, at least not initially.
A team of security professionals was set up in Bangalore to monitor Target's network servers and alert security operators in Minneapolis of any detected malware. And this process worked as expected during the November hack. After detecting the hack, the people in Bangalore alerted the people in Minneapolis. But that's where the ball got dropped, according to Bloomberg. The hack continued on its merry way.
Full Article
How Target detected hack but failed to act
Userlevel 7
+54
Be the first to reply!
Reply
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.