Target Data Breach: Cybercriminals

TARGET DATA BREACH Name: Institution: Course Name: Course Code: Date: Target Data Breach 1: what steps did the cybercriminals follow in committing this theft The cybercriminals first purchased and or if they are the creators of the malware to e installed at the weakest point in the Target’s infrastructure, the point of sale terminals. It is claimed that the malware has been around for a while and it could be bought from the black market. It is famously known as BlackPOS. It is possible the same group of cybercriminals is the creator of the malware since the investigations showed that the information ended up in Moscow where the malware is purported to have originated. Secondly, the cybercriminals established another vulnerability through a Target vendor, HVAC firm Fazio Mechanical Services which had been authorized to remotely access the Target’s network for electronic billing contract submission and project management. The cybercriminals send an email to the Fazio mechanical services employee which was infected with malware. They were able to obtain the firm’s user code and password and therefore could log into the Target’s system and install their malware on Target’s servers. The criminals then routed the information they collected from the Target servers to three temporary servers in Brazil and the United States. The information was transferred during peak hours since to ensure the high bandwidth usage did not raise eyebrows. These temporary servers were used without the owners’ knowledgeand ‘carelessly’ dumped after the operation. 2: What factors allowed this theft to take place Ignorance Target received warnings on its systems showing that there was malware and they ignored it since they did not trust the new software installed to increase the security of information. As early as November 30th, 2013, Target received level 1 security alerts and ignored them. Level 1 is the highest alert type that should have warranted an investigation into the performance of the system and security of its information. Target security experts deactivated a feature that could have detected and automatically deleted the malware. Noncomplia...