Presentation is loading. Please wait.

Presentation is loading. Please wait.

Target Data Breach – Cost of the Learning Curve Discuss the recent Target data breach and its impact on the industry as well as individuals January 29/30,

Published byBeverly Reynolds Modified over 9 years ago

Similar presentations

Presentation on theme: "Target Data Breach – Cost of the Learning Curve Discuss the recent Target data breach and its impact on the industry as well as individuals January 29/30,"— Presentation transcript:

1 Target Data Breach – Cost of the Learning Curve Discuss the recent Target data breach and its impact on the industry as well as individuals January 29/30, 2014

2 Target Data Breach – Cost of the Learning Curve Overview Chronology of events Customer Communications (unfolding of an incident) Target – Privacy Policy updated Incident response - Target Incident response – Individuals Operation Kaptoxa Black market facts to know What did we learn? – Industry, Individual customers Cost of the learning curve Resources Presentation Overview

3 Target Data Breach – Cost of the Learning Curve Chronology of events Nov 27- Dec 15, 2013 A data hack at Target stores, estimated 40-million credit cards. Target detected and shuts down malicious access around Dec 15, 2013 Dec 18, 2013 News of possible data breach reported by KrebsOnSecurity in his blog Dec 19, 2013 Target acknowledges data breach Dec 20,2013 Dec 27,2013 Target says it received a few reports of credit card fraud, extends an offer of 10% off in- store purchases Forensics revealed encrypted debit card PIN was accessed 110 million customers ThreatExpert.com, ‘Reedum’ POS Trojan copy uploaded. IT searches for credit card data on a compromised machine and sends the data to a local IP, reads track1 and track2 data on the magnetic strip

4 Target Data Breach – Cost of the Learning Curve Target – Customer Communications

5 Target Data Breach – Cost of the Learning Curve Target – Customer Communications

6 Target Data Breach – Cost of the Learning Curve Target – Customer Communications

7 Target Data Breach – Cost of the Learning Curve Target - Privacy Policy Updated

8 Target Data Breach – Cost of the Learning Curve Incident response - Target Preparation Detection and analysis Containment Eradication Recovery Post-incident activity

9 Target Data Breach – Cost of the Learning Curve Incident response - Individuals

10 Target Data Breach – Cost of the Learning Curve Operation Kaptoxa Trojan.POSRAM, code based on BlackPOS developed in Russia in 2013 Memory scraping tool that grabs data directly from POS terminals before it is encrypted Stores the data in victim’s own systems Other tools used to penetrate networks, maintain APT, extract data The tool monitors memory address spaces used by specific programs such as pos.exe and posW32.exe that process data embossed on the magnetic strip of the card The siphoned data is stored on the system and every 7 hours the malware checks the local time to see if between 10 am – 5 pm. If so, it attempts to send the data over temporary NetBIOS share to an internal host inside the compromised network Attackers then extract the data over FTP

11 Target Data Breach – Cost of the Learning Curve Black market facts to know Groups of higher-end cards are worth significantly more than those with lower credit limits and so are cards tied to additional personal information, such as names, addresses and zip codes, which make them easier to use. Cost of stolen card ranges from $23.62 to $135 ‘Good guys’ may buy back the stolen cards from the ‘bad guys’ to try determine where the breach may have occurred Stolen card data can be used online to make purchases or re- encoded on blank cards to make ‘in-store’ purchases Good faith transactions backed by ‘guarantees’ If inquisitive to know more about how the incident evolved, read Brian Krebs’ blog at : http://krebsonsecurity.com

12 Target Data Breach – Cost of the Learning Curve What can we learn - Industry CVV1 codes were compromised this could mean they were stored, which is disallowed by PCI DSS. Timing – the breach was timed, possible practiced and tested There were opportunities missed to prevent, detect and mitigate Reporting of the breach came from outside the company Initial reports of credit card data being available in black market was made public by an industry blogger Stop ignoring the possibilities – ‘vectors’. ‘Bad guys’ look for holes that ‘good guys’ missed to plug

13 Target Data Breach – Cost of the Learning Curve What can we learn - Individual Limit the number of debit & credit cards Use the fraud alert and credit monitoring Consider using ‘pre-paid’ reducing balance cards Protect your ‘privacy’, share information on a ‘need to know’ basis Monitor bank and financial statements Learn to identify phishing scams Apply updates and patches regularly No alternative to better awareness – news, blogs, seminars etc.

14 Target Data Breach – Cost of the Learning Curve Cost of the Learning Curve Data breaches cost United States businesses an average $188 per record compromised, according to the Ponemon Institute’s 2013 Cost of a Data Breach Study. Cost of a Data Breach Study http://www.ihatetarget.net/ Reputation Loss Revenue Loss Fines, legal costs

15 Target Data Breach – Cost of the Learning Curve Resources http://www.isightpartners.com/2014/01/kaptoxa-pos-report-faq/ Article about the specific malware: http://www.wired.com/threatlevel/2014/01/target-malware-identified/

16 Target Data Breach – Cost of the Learning Curve Presented by: Noor Aarohi Senior Analyst – Risk and Compliance GW Division of Information Technology infosec@gwu.edu

Download ppt "Target Data Breach – Cost of the Learning Curve Discuss the recent Target data breach and its impact on the industry as well as individuals January 29/30,"

Similar presentations

Payment Card Industry Data Security Standard AAFA ISC/SCLC Fall 08.

Payment Card Industry Data Security Standard AAFA ISC/SCLC Fall 08.
.. PCI Payment Card Industry Compliance October 2012 Presented By: Jason P. Rusch.

.. PCI Payment Card Industry Compliance October 2012 Presented By: Jason P. Rusch.
PCI Compliance: The Gateway to Paradise PCI Compliance: The Gateway to Paradise.

PCI Compliance: The Gateway to Paradise PCI Compliance: The Gateway to Paradise.
Banking. Agenda Start time: ____ Break time: ____ (10 minutes) End time: ____ Please set phones to silent ring and answer outside of the room.

Banking. Agenda Start time: ____ Break time: ____ (10 minutes) End time: ____ Please set phones to silent ring and answer outside of the room.
ISACA VA Chapter Is PCI Broken? Presented By: Bryan Miller Syrinx Technologies 804-539-9154.

ISACA VA Chapter Is PCI Broken? Presented By: Bryan Miller Syrinx Technologies
Computer Crime and Identity Theft Abe Orabi Tom Ballaro Tim Williams.

Computer Crime and Identity Theft Abe Orabi Tom Ballaro Tim Williams.
SECURITY CHECK Protecting Your System and Yourself Source:

SECURITY CHECK Protecting Your System and Yourself Source:
Information Security Jim Cusson, CISSP. Largest Breaches 110,000 2009-11-27 NorthgateArinso, Verity Trustees 6,400 2009-11-25 Aurora St. Luke's Medical.

Information Security Jim Cusson, CISSP. Largest Breaches 110, NorthgateArinso, Verity Trustees 6, Aurora St. Luke's Medical.
Identity Theft. Identity Theft – Some Basics affects 12-15 million people per year keeps increasing each year most common items exposed during a data.

Identity Theft. Identity Theft – Some Basics affects million people per year keeps increasing each year most common items exposed during a data.
Managed Security Monitoring. 2 ©2015 EarthLink. All rights reserved. Today’s top IT concerns — sound familiar? Source: IT Security Risks 2014: A Business.

Managed Security Monitoring. 2 ©2015 EarthLink. All rights reserved. Today’s top IT concerns — sound familiar? Source: IT Security Risks 2014: A Business.
Emerging Trends: Cyber Threats Bryan Sheppard Cyber Security Defense Center.

Emerging Trends: Cyber Threats Bryan Sheppard Cyber Security Defense Center.
Are Large Scale Data Breaches Inevitable? Douglas E. Salane Center for Cybercrime Studies John Jay College of Criminal Justice Cyber Infrastructure Protection.

Are Large Scale Data Breaches Inevitable? Douglas E. Salane Center for Cybercrime Studies John Jay College of Criminal Justice Cyber Infrastructure Protection.
Why Comply with PCI Security Standards?

Why Comply with PCI Security Standards?
SMARTER. TOGETHER. Skimming Prevention: Overview of Best Practices August 5, 2014.

SMARTER. TOGETHER. Skimming Prevention: Overview of Best Practices August 5, 2014.
CERN - IT Department CH-1211 Genève 23 Switzerland www.cern.ch/i t Update on the underground economy and making profit on the black market Wojciech Lapka.

CERN - IT Department CH-1211 Genève 23 Switzerland t Update on the underground economy and making profit on the black market Wojciech Lapka.
Security Awareness Challenges of Security No single simple solution to protecting computers and securing information Different types of attacks Difficulties.

Security Awareness Challenges of Security No single simple solution to protecting computers and securing information Different types of attacks Difficulties.
Credit Card vs. Debit Card. Debit Cards Also called “check cards” –Works just like writing a check Deducts money from your checking account.

Credit Card vs. Debit Card. Debit Cards Also called “check cards” –Works just like writing a check Deducts money from your checking account.
Company LOGO Copyright Carrie Kerskie Data Breach & Identity Theft By Carrie Kerskie Kerskie Group, Inc.

Company LOGO Copyright Carrie Kerskie Data Breach & Identity Theft By Carrie Kerskie Kerskie Group, Inc.
Lecture 11 Electronic Business (MGT-485). Recap – Lecture 10 Transaction costs Network Externalities Switching costs Critical mass of customers Pricing.

Lecture 11 Electronic Business (MGT-485). Recap – Lecture 10 Transaction costs Network Externalities Switching costs Critical mass of customers Pricing.
External Threats to Healthcare Data Joshua Spencer, CPHIMS, C | EH.

External Threats to Healthcare Data Joshua Spencer, CPHIMS, C | EH.

Similar presentations

Ads by Google