Computing

Analysts: Retailers Must Be Vigilant After Hacks

Analysts: Retailers Must Be Vigilant After Hacks
January 13, 2014 10:26AM

Bookmark and Share
There's a possibility that many retail organizations may have been victims of the same set of malware attacks as Target and Neiman Marcus. Retail organizations including Target and Neiman Marcus should be looking at how well prepared they are to identify a compromise after it has taken place, investigate that compromise, and clean it up.

APC has an established a reputation for solid products that virtually pay for themselves upon installation. Who has time to spend worrying about system downtime? APC makes it easy for you to focus on business growth instead of business downtime with reliable data center systems and IT solutions. Learn more here.

It’s not just Target. Neiman Marcus on Friday disclosed hackers may have stolen the credit and debit card numbers of its customers. While Target is reporting at least 70 million customers were affected, the luxury retailer isn’t yet sure how deep its server breach runs.

We caught up with Chris Petersen, CTO and co-founder of LogRhythm, a log analysis firm, for his take on the beach. He told us he wonders just how broad this targeted attack against retailers could actually be. Does it span beyond Target and Neiman Marcus? Or are these isolated incidents?

“Currently, there is no national breach disclosure law. While most states do have such laws, the teeth of the law are often insufficient to overcome concern regarding brand damage,” Petersen said. “Most breaches that go public still do so as a result of a third-party reporting. What we don’t know is how many other companies were breached, or still are, from this same or similar attack."

Stuxnet Invading Retailers?

As Petersen sees it, the scale of the Target breach speaks to the sophistication of the organization and the methods behind it. With Neiman Marcus reporting a similar breach, Petersen wonders if we've seen a cybercrime-driven Stuxnet-like capability applied to retail corporations.

“Like Stuxnet, it would appear stealthy malware was introduced focused on compromising thousands of specific systems where cardholder and PIN data could be accessed in unencrypted form, likely via a memory scraper,” Petersen said. “To successfully accomplish this, highly sophisticated malware was almost certainly developed and deployed.”

According to Petersen, this malware would need to compromise systems en route to intended targets and remain stealthy in the process, only going active once the scale of compromise was sufficient to achieve the designers objective -- en mass data theft. He concluded that these are capabilities similar to the military-class malware Stuxnet is believed to have been in 2010.

Retailers at Risk

We also turned to Tom Cross, director of Research at Lancope, to get his thoughts on the retailing breaches. With the possibility that a large number of retail organizations may have been victims of the same set of attacks, he told us other retail businesses have to be asking if they were compromised as well.

“It has been confirmed that malware was installed on point of sale terminals at Target, so other retail organizations should be taking a close look at their point of sale systems,” Cross said.

"Retail organizations should be looking at how well prepared their organization is to identify a compromise like this after it has taken place, investigate that compromise, and clean it up. Organizations often under-invest in incident response capabilities because they view those capabilities as reactionary and would prefer to prevent incidents up front. However, even the best preventative approaches will sometimes fail and you need to be prepared for that," Cross said.

Tell Us What You Think
Comment:

Name:



 Computing
1. Lenovo Still in Small Windows Tablets
2. How Chrome Eats Your Battery Life
3. Cisco Woos More Devs with DevNet
4. Investor Wants EMC To Spin Off VMware
5. Schools Buy Million Chromebooks in Q2




 Most Popular Articles
1. Experts Say Four Threats Put Internet Freedom at Risk
2. Gartner Rates Security Solutions in Annual Magic Quadrant Report
3. Google I/O Conference Brings a Lot for Businesses
4. IBM Earmarks $3B for Next-Gen Cloud Computing Chips
5. Focus on Security in New Dell Products, Upgrades

Have an informed opinion on this story?
Send a Letter to the Editor.
We want to know what you think.
Send us your Feedback.

 Related Topics  Latest News & Special Reports

  Juniper DDoS for High-IQ Networks
  Seagate Unveils Networked Drives
  Google Hacker Team to Hunt Bugs
  Cloud Firms Offer Azure Starter Kit
  FBI Cyber-Expert's Humble Start

 Technology Marketplace
Big Data
Unlock your enterprise data's potential. Learn how in the research report.
Are you getting everything you can out of your business data?
 
Business Intelligence
Get real-time, cloud-based information services with Neustar.
 
CIO Issues
Secure and retain skilled technology professionals. Learn how.
 
Cloud Computing
Are you getting everything you can out of your business data?
 
Data Storage
Unlock your enterprise data's potential. Learn how in the research report.
 
Enterprise Hardware
Protect your network with APC Smart-UPS battery backup
Cisco UCS Invicta Series flash memory systems
 
Enterprise I.T.
Register for an upcoming ISACA® certification exam today
Secure and retain skilled technology professionals. Learn how.
 
Enterprise Software
Unlock your enterprise data's potential. Learn how in the research report.
 
Hardware
Protect your network with APC Smart-UPS battery backup
Ferocious productivity. A fearless team of pros. Find Out More
Cisco UCS Invicta Series flash memory systems
 
Network Security
Protect your network with APC Smart-UPS battery backup
 
Small Business
Ferocious productivity. A fearless team of pros. Find Out More