Target Ignored Signs of Cyber Breach

Target

The Target Corporation declined to act on warnings from the security software that the company was at risk for malicious cyber breach. Reports claim that FireEye Inc. sent an alert to Target’s security team confirming that a malicious software showed up on the company’s system.

The FireEye alert was labeled ’malware.binary,’ which according to security experts is a common alert that often leads to a dead-end when using FireEye security technology. Many security experts hesitate to respond to such generic warnings. The softwares function that automatically removes any suspicious software was turned off by Target’s security team before the attack. It has been reported by a security systems experts that a lot of customers turn off the auto feature due to a glitch for flagging non-malware that in return interrupts web and email service. A Target spokesperson claims the company is investigating the incident to see if the breach could have been handled with a less disastrous outcome.

Many big security companies are supporting Target on the matter stating that the company is most likely to receive false malware.binary threats in the hundreds every day. The severity of the breach is not a reason to claim Target as incompetent with security matters.
The Justice Department warned Target about the activity and the company took action and within three days the malicious software was removed from Targets systems. The cyber breach had a small effect on Targets shares dropping 2 percent.

Close to 70 million credit card numbers and personal customer information was stolen from the Target. Many credit card companies are demanding more security from retailers due to security breaches. Class action lawsuits from banks for reimbursement due to fraud and card replacement are being issued against Target.

Target is not the only retailer who had the misfortune a malware attack. The high-end retailer Neiman Marcus also suffered a security breach around the same time. The company missed 60,000 alerts after customer information was stolen from their system. The malware was cleverly disguised as a similar name as the company’s official payment software making it hard to identify. Neiman Marcus’ automatic malware block feature was also shut off.

Ironically, Target tried to initiate a system that would banish any security breach problems from happening in their stores. The company installed Smart Card technology in all Target stores throughout the U.S.. The company abandoned the program because no other retailer was on board, and the technology slowed down checkout times. For the system to work everyone needs to use the technology. John Mulligan, the chief financial officer of Target claims this idea was initiated back in the early 2000’s. He also says the company is willing to visit the Smart Card idea again. The company wants to eradicate the security breach problem for all retailers.

Ignoring the signs of the cyber breach has left Target dealing with many repercussions. A possible class action suit from various banks, an investigation by congress, fixing their own security system and regaining the customers they lost at the time of the security breach. Many security experts claim Target should not take the fall due to the vague alerts that are sent to security teams, not to mention glitches caused by auto features that are on the security software. All in all, more precautions need to be addressed so retailers and customers can be assured their information remains private.

By Christina Thompson

Sources:

CNBC
Star Tribune
Reuters

Leave a Reply

Your email address will not be published.