Target mass hack attack might have started with just one email

(First published in Tech Radar Pro on 13/02/14)

Target’s data breach last December was the second largest in U.S. history, with more than 100 million people affected. Now it is reported that the huge hacking attack may have started with just one email.

KrebsOnSecurity has published a report that the hackers accessed Target’s network by using authentication gained from a heating and ventilation subcontractor.

The contractor, once infected by malware spread by the attackers, left the virus undetected due to its anti-malware protection being a scan-only program with no preventative firewall.

Shotgun blast

When an order was placed by Target, the vendor had to log into a Target portal to confirm, connecting the two systems and spreading the infection.

Krebs states that the hackers may not have initially made Target its primary goal, but sent malicious emails out ‘like a shotgun blast’ to see who would be infected. Once the contractor had been infected and then spread the malware to Target, the hackers went to work.

Target made the job no harder, too, according the report, with easy to glean domain names and user info posted onto its dedicated websites. Investigations into the breach continue.

Via ArsTechnica

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

WordPress.com.

Up ↑

%d bloggers like this: