Security Breach at Target Essay

Open, View, and/or
Download this Document

Total Length: 580 words ( 2 double-spaced pages)

Total Sources: 2

Page 1 of 2

Computer Security Breaches

Internal Controls and Receivables

On December the 19th Target publicly acknowledged they had suffered a data breach, which had resulted in the loss of 40 million customer payment card details, along with their names, expiry dates, and the encrypted security codes (Munson, 2013), At the time this was one of the largest security breaches, with the firm suffering not just because they were targeted by criminals, but as a result of the failure of their internal controls.

The problem started when, in the run up to Thanksgiving, malware was installed on the payments system of Target (Riley, 2014). BlackPOS, which is also known as Kaptoxa, is malware designed for use on point of sales systems which operate on Microsoft Windows (Krebs, 2014). The Malware operates at the point of sales, when the customers' cards are swiped on an infected point of sale, the malware becomes active and at card details would be sent to a server within Target that had been commandeered by the criminals (Riley, 2014). Following the gathering of the payment card on the commandeered server the hackers had to upload the exfiltration malware to extract the details for their own use (Riley, 2013).

Stuck Writing Your "Security Breach at Target" Essay?

View All Our Example Security Breach at Target Essay

Have A Custom Example Essay Written

The data was extracted from the server, sending it first to staging points as a way of disguising the hackers' trackers, with the final destination being the hackers own location in Russia (Riely, 2013).

In many cases internal controls failed because malware goes undetected, the shocking issue with this breach was the way in which the firm had prepared for this type of event, $1.6 million had been invested in Malware detection, from the firm FireEye, a security specialist that also serves organizations such the CIA (Riley, 2013). The breach was noticed on the 30th of November 2012 by Bangalore team of security specialists that monitored the Target system; they raised the alarm, informing Target of the breach. It was here the system failed, as Target failed to respond or take action Krebs, 2014; Riley, 2013). Therefore, the internal failure was not one of detection, but of the ability of the firm to respond following the detection of the active threat. The failure resulted in a level of negative publicity, and the firm suffered a 46% drop in profit the last quarter of 2012, and costs for the community and banks associated with.....

Show More ⇣

     Open the full completed essay and source list


OR

     Order a one-of-a-kind custom essay on this topic


sample essay writing service

Cite This Resource:

Latest APA Format (6th edition)

Copy Reference
"Security Breach At Target" (2015, February 08) Retrieved June 6, 2025, from
https://www.aceyourpaper.com/essays/security-breach-target-2149025
   

Open, View, and/or
Download this Document
order custom essay example