Free Republic
Browse · Search
News/Activism
Topics · Post Article

Skip to comments.

Inside Target, CEO Gregg Steinhafel Struggles to Contain Giant Cybertheft
WSJ ^ | Feb 18, 2014 | Monica Langley

Posted on 02/19/2014 10:58:29 AM PST by ImJustAnotherOkie

How Target Is Working to Manage Crisis After Theft of Credit and Debit Card Numbers From Millions of Customers

MINNEAPOLIS—Executives settled around a square table inside a Target Corp. TGT +1.92% conference room here earlier this month and munched on store-brand snacks as they chewed over something far less appetizing.

Opinion surveys commissioned by the company found that the massive cybertheft that waylaid Target late last year had knocked confidence and trust in the 51-year-old retailer to an all-time low.

Some of the executives were frustrated. Target was having trouble shaking the fallout from a key decision by Chief Executive Gregg Steinhafel that made the crisis appear even worse than it already was.

(Excerpt) Read more at online.wsj.com ...


TOPICS: Business/Economy; Crime/Corruption; Culture/Society
KEYWORDS:
I actually feel for a lot of retailers. They pay the credit card company money to do credit card company's job.

I don't know why retailers should have to keep any information except the transaction ID.

1 posted on 02/19/2014 10:58:29 AM PST by ImJustAnotherOkie
[ Post Reply | Private Reply | View Replies]

To: ImJustAnotherOkie

Supposedly the hackers gained access to Target’s systems via an HVAC contractor in Sharpsburg, PA who was a vendor to them.

Some employee at the HVAC firm clicked a link in one of those SPAM emails. The hackers infected that machine, and jumped into it’s connection to Target’s network used for billing and invoicing. And they were off to the races.

Scary to think you not only have to worry about your own company’s IT security, but that of thousands and thousands of vendors, some of whom employ idiots.


2 posted on 02/19/2014 11:07:51 AM PST by Buckeye McFrog
[ Post Reply | Private Reply | To 1 | View Replies]

To: ImJustAnotherOkie

Retailers have the information from the sale. Many choose to keep it for a myriad of reasons. mostly with knowing more about their customer so they can increase sales.

For example Target can determine a woman is pregnant based on her buying.

In this case that data wouldnt have matter, because the data was stolen at the time of sale from the credit card machine.


3 posted on 02/19/2014 11:08:11 AM PST by driftdiver (I could eat it raw, but why do that when I have a fire.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: ImJustAnotherOkie
Why was Target using fourteen year old
unpatched Microsoft code in every cash register
open to the entire network ?

4 posted on 02/19/2014 11:30:44 AM PST by Uri’el-2012 (Psalm 119:174 I long for Your salvation, YHvH, Your teaching is my delight.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Buckeye McFrog

It’s Target’s own damn fault for not proactively installing real-time monitoring of their servers. This is what happens when you have incompetent managers. Getting hacked happens to _everyone_. However, getting hacked and taking days upon days to figure out that it happened is just plain bad management. Heads should roll all the way up to the CEO level.

Target should become the poster child for how a company can die.


5 posted on 02/19/2014 11:32:28 AM PST by glorgau
[ Post Reply | Private Reply | To 2 | View Replies]

To: UriĀ’el-2012

Slightly OT but a couple years back doing some side stuff for a decent sized retailer, I saw a red hat Linux cash register.


6 posted on 02/19/2014 11:42:47 AM PST by wally_bert (There are no winners in a game of losers. I'm Tommy Joyce, welcome to the Oriental Lounge.)
[ Post Reply | Private Reply | To 4 | View Replies]

To: wally_bert

Red Hat Linux is very successful at what they do, it seems. They apparently have thousands of employees selling what is essentially open source software.

That has got to be like selling ice to an eskimo.


7 posted on 02/19/2014 11:44:35 AM PST by GeronL (Vote for Conservatives not for Republicans!)
[ Post Reply | Private Reply | To 6 | View Replies]

To: Buckeye McFrog

Rumor has it that they hacked a device, like a store terminal.


8 posted on 02/19/2014 11:47:10 AM PST by AppyPappy (Obama: What did I not know and when did I not know it?)
[ Post Reply | Private Reply | To 2 | View Replies]

To: UriĀ’el-2012

That however wasn’t the core issue, just a peripheral contributing factor.

The real issue in my eyes is why don’t the CC companies invest in a better infrastructure model. They make the real money without reinvesting. In fact this is crucial enough there should be a significant R&D (Not Implementation) project by someone like DARPA and design a next, next, next generation system.


9 posted on 02/19/2014 11:58:58 AM PST by ImJustAnotherOkie (zerogottago)
[ Post Reply | Private Reply | To 4 | View Replies]

To: Buckeye McFrog
Brian Krebs recently posted a blog entry speculating on how the bad guys got their initial way in, how they conducted reconnaissance on Target's network layout, etc.

The could have employed techniques such as examining the metadata on MS Office files authored by Target employees. E.g., you might try googling site:target.com filetype:xlsx. That turns up 172 hits, but the server is down for some reason, so, sorry, you'll now have to be content with the Google cache results. But apparently it was not down a few days ago, when Krebs visited. He was able to find internal Target Windows domain names and user names embedded in documents, potentially useful to an intruder trying to gain entry to more sensitive parts of Target's network.

MS Office is quite famous for its leaky nature. A favorite is change tracking in Word. As a collaborative author, you want it on, so that the changes made by you and your colleagues are visible. But you don't want it visible while you are writing, because that is very distracting. The problem is when you send the doc to an external party. If you forget to delete the change history, the recipient can set change tracking back to visible and potentially gain valuable insight at your expense.

10 posted on 02/19/2014 12:21:53 PM PST by cynwoody
[ Post Reply | Private Reply | To 2 | View Replies]

To: ImJustAnotherOkie

I don’t support Target’s decision to support a behavior God detests, so I don’t trade with them.


11 posted on 02/19/2014 12:27:09 PM PST by afsnco
[ Post Reply | Private Reply | To 1 | View Replies]

To: ImJustAnotherOkie

The next generation credit and debit card systems are already in existence and deployed. Just not in the USA market. One of the other posters probably nailed it in describing it as the card companies maxing their profits by not reinvesting the radically better armored card technologies that are in wide use outside our borders.


12 posted on 02/19/2014 12:29:39 PM PST by Hootowl99
[ Post Reply | Private Reply | To 9 | View Replies]

To: ImJustAnotherOkie
That however wasn’t the core issue, just a peripheral contributing factor.

The core problem was nothing was sandboxed by
application.

The attack vector was either email or employees
browsing Eastern European Porn Sites.

Browsers need to be isolated from the core business of
the corporation. In addition outside vendors also need to be isolated
from internal networks. Cash registers running XP POS need to be
sandboxed from internal networks. I also understand the malware
was certified to create transmission caches
and certified for transmission outbound.


13 posted on 02/19/2014 12:30:01 PM PST by Uri’el-2012 (Psalm 119:174 I long for Your salvation, YHvH, Your teaching is my delight.)
[ Post Reply | Private Reply | To 9 | View Replies]

To: GeronL

Perhaps you should look into it before publicly demonstrating your ignorance on the matter.


14 posted on 02/19/2014 12:37:23 PM PST by KEVLAR (Liberty or Death)
[ Post Reply | Private Reply | To 7 | View Replies]

To: UriĀ’el-2012
In addition outside vendors also need to be isolated from internal networks.

Bingo...Take away the getaway car and you have a lot fewer bank robberies.

15 posted on 02/19/2014 12:50:54 PM PST by ImJustAnotherOkie (zerogottago)
[ Post Reply | Private Reply | To 13 | View Replies]

To: glorgau
It’s Target’s own damn fault for not proactively installing real-time monitoring of their servers. This is what happens when you have incompetent managers. Getting hacked happens to _everyone_. However, getting hacked and taking days upon days to figure out that it happened is just plain bad management. Heads should roll all the way up to the CEO level. Target should become the poster child for how a company can die.

Years ago, when the Three Mile Island nuclear accident occured, I said similar words about General Public Utilities, the owner of TMI.

16 posted on 02/19/2014 12:58:20 PM PST by cicero2k
[ Post Reply | Private Reply | To 5 | View Replies]

To: cynwoody

Fascinating and I once experienced just that, but I don’t know how to delete the change history. Can you tell me?


17 posted on 02/21/2014 4:06:18 AM PST by 1010RD (First, Do No Harm)
[ Post Reply | Private Reply | To 10 | View Replies]

To: afsnco

As is your God-given right. Freedom of Association is natural.


18 posted on 02/21/2014 4:06:50 AM PST by 1010RD (First, Do No Harm)
[ Post Reply | Private Reply | To 11 | View Replies]

To: UriĀ’el-2012

Eastern European Porn Sites

It’s always fascinating to see people work to divest God from humankind and yet we’re in His image and likeness. Why wouldn’t His Laws benefit us?

All illicit activities attract a certain type. That’s why even when prostitution is legal or decriminalized you still get slave trafficking, drug abuse, sexually abused people and their mob-type pimps/pushers. Nothing new under the sun.

Cecil B. DeMille, who made the Charlton Heston film the Ten Commandments, observed that we don’t break the Ten Commandments, but break ourselves upon them.


19 posted on 02/21/2014 4:10:19 AM PST by 1010RD (First, Do No Harm)
[ Post Reply | Private Reply | To 13 | View Replies]

To: 1010RD
I don’t know how to delete the change history. Can you tell me?

I would first google for something like office scrub metadata. E.g., this Microsoft support page or this helpful .edu page.

Then, after following the removal instructions, I would google for such as ms word forensics and use the methods mentioned to attack both my original document and the scrubbed version and verify that nothing sensitive remains in the scrubbed version.

Being lazy, I've generally used the save-as-PDF method. But, depending on your needs, that may not be satisfactory, e.g., if the external recipient is supposed to edit and return the doc.

20 posted on 02/21/2014 9:25:30 AM PST by cynwoody
[ Post Reply | Private Reply | To 17 | View Replies]

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
News/Activism
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson