CSI2102 - Information Security: Target Data Breach Case Study
VerifiedAdded on 2022/12/30
|8
|1725
|99
Case Study
AI Summary
This assignment is a case study of the Target data breach, examining the security failures that led to the compromise of customer data. It delves into the threats faced, including lack of encryption, third-party vulnerabilities, and outdated software. The assignment analyzes the breach in relation to ...
Read More
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Running head: CSI2102- INFORMATION SECURITY
CSI2102- INFORMATION SECURITY
Name of student
Name of university
Author’s note:
CSI2102- INFORMATION SECURITY
Name of student
Name of university
Author’s note:
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
1
CSI2102- INFORMATION SECURITY
Table of Contents
Introduction....................................................................................................................2
Threat faced by Target...................................................................................................2
CIA triad related to Security breach...............................................................................3
Protections present to prevent breach............................................................................5
Legal and Ethical issues related to the breach...............................................................6
References......................................................................................................................7
CSI2102- INFORMATION SECURITY
Table of Contents
Introduction....................................................................................................................2
Threat faced by Target...................................................................................................2
CIA triad related to Security breach...............................................................................3
Protections present to prevent breach............................................................................5
Legal and Ethical issues related to the breach...............................................................6
References......................................................................................................................7
2
CSI2102- INFORMATION SECURITY
Introduction
A network of Target Corporation was breached during 27th November and 18th
December, 2013. This was the second largest breach of debit and credit cards. In this target
breach, 70 million confidential information were stolen along with 40 million numbers of
debit and credit card were stolen. In 2014, several other target breaches were reported around
568 data were stolen (In, 2015). The division of Target Security protects the network and
system again all the threats of cyber like exfiltration and malware. A popular service of
malware detection was intruded which was named as FireEye. This service was cooperated
by CIA at the time of its development.
Threat faced by Target
Figure: Concept map
CSI2102- INFORMATION SECURITY
Introduction
A network of Target Corporation was breached during 27th November and 18th
December, 2013. This was the second largest breach of debit and credit cards. In this target
breach, 70 million confidential information were stolen along with 40 million numbers of
debit and credit card were stolen. In 2014, several other target breaches were reported around
568 data were stolen (In, 2015). The division of Target Security protects the network and
system again all the threats of cyber like exfiltration and malware. A popular service of
malware detection was intruded which was named as FireEye. This service was cooperated
by CIA at the time of its development.
Threat faced by Target
Figure: Concept map
3
CSI2102- INFORMATION SECURITY
From the above image it could be observed that the major threats faced by the
organisation could be categorised as lack of encryption, third party entry, outdated security
software, neglecting proper configuration, mobile malware and the implementation of
technology with significantly weak security (Shu et al., 2017). The threats could lead to
various kinds of breaches in the system of the organisation like earlier and data might be lost.
The most prominent threat is the implementation of improper network protocols and the use
of outdated software. The third party illegal users could easily gain access through the
outdated software as the security mechanisms in the software are not upgraded (Manworren,
Letwat & Daily, 2016). The network of the organisation is required to be updated constantly
for eliminating any issue of unauthorised user accessing the network of the organisation and
launch various attacks (Gray & Ladig, 2015).
CIA triad related to Security breach
The CIA triad is the policies designed to guide an organisation with respect to its
Information Security. The CIA stands for Confidentiality, Integrity & Availability, and these
elements are the most important constituents for the formation of Information security in any
organisation (Samonas & Coss, 2014). Confidentiality is similar to privacy, confidentiality is
ensured by limiting sensitive details of an organisation to unknown sources. Integrity means
assurance of data with respect to accuracy, trustworthy and consistency. The data must not
change by the people who are unauthorised to access it (Rawat & Bajracharya, 2015).
Availability is the proper access of data by the required people, with well-maintained
operating system and updated security system like proxy servers and firewalls.
The Target breaches that occurred resulted in the reveal of several confidential data
like the information about the credit and debit cards and several other personal information of
CSI2102- INFORMATION SECURITY
From the above image it could be observed that the major threats faced by the
organisation could be categorised as lack of encryption, third party entry, outdated security
software, neglecting proper configuration, mobile malware and the implementation of
technology with significantly weak security (Shu et al., 2017). The threats could lead to
various kinds of breaches in the system of the organisation like earlier and data might be lost.
The most prominent threat is the implementation of improper network protocols and the use
of outdated software. The third party illegal users could easily gain access through the
outdated software as the security mechanisms in the software are not upgraded (Manworren,
Letwat & Daily, 2016). The network of the organisation is required to be updated constantly
for eliminating any issue of unauthorised user accessing the network of the organisation and
launch various attacks (Gray & Ladig, 2015).
CIA triad related to Security breach
The CIA triad is the policies designed to guide an organisation with respect to its
Information Security. The CIA stands for Confidentiality, Integrity & Availability, and these
elements are the most important constituents for the formation of Information security in any
organisation (Samonas & Coss, 2014). Confidentiality is similar to privacy, confidentiality is
ensured by limiting sensitive details of an organisation to unknown sources. Integrity means
assurance of data with respect to accuracy, trustworthy and consistency. The data must not
change by the people who are unauthorised to access it (Rawat & Bajracharya, 2015).
Availability is the proper access of data by the required people, with well-maintained
operating system and updated security system like proxy servers and firewalls.
The Target breaches that occurred resulted in the reveal of several confidential data
like the information about the credit and debit cards and several other personal information of
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
4
CSI2102- INFORMATION SECURITY
people. So several points were breaches and Target was unable in preventing them. The four
high sensitive breaches were listed below:
The segmentation of systems were not properly done. The assets of sensitive networks
must be kept aside from the networks that are easily accessed. The technique of
VLAN is easy for the process of segmentation.
The security tools like Symantec, auto-removal functionalities of Malware, and
FireEye have generated several warning in respect to security. However, those were
ignored by the Target.
Several groups and accounts of third party were not accessed by the Target properly
and HVAC Company had the initial break-in into the system.
The sale terminations were weaker than ever, the Target have allowed several
installation of software which were unauthorised to do those. Several unauthorised
configurations were also occurred in the system without proper permission. This
mainly caused the Target breach. Malware was spread through the installation of
software and theft of the information related to the debit and credit cards through the
terminal of sale.
The above four breaches are related to the triad of CIA. The first breach of improper
segmentation of system is related to Availability triad (Kumar, Raj & Jelciana, 2018). The
Target had the opportunity to make segments of the sensitive networks and move them aside
from the networks that are easily accessed, but it did not do so. The second breach is related
to Integrity as the Target could not be trusted with the proper acknowledgement of warning
from the security tools (Sendi & Cheriet, 2014). The third breach is related to Confidentiality,
the Target did not checked the authority of the third-party systems properly. The final breach
CSI2102- INFORMATION SECURITY
people. So several points were breaches and Target was unable in preventing them. The four
high sensitive breaches were listed below:
The segmentation of systems were not properly done. The assets of sensitive networks
must be kept aside from the networks that are easily accessed. The technique of
VLAN is easy for the process of segmentation.
The security tools like Symantec, auto-removal functionalities of Malware, and
FireEye have generated several warning in respect to security. However, those were
ignored by the Target.
Several groups and accounts of third party were not accessed by the Target properly
and HVAC Company had the initial break-in into the system.
The sale terminations were weaker than ever, the Target have allowed several
installation of software which were unauthorised to do those. Several unauthorised
configurations were also occurred in the system without proper permission. This
mainly caused the Target breach. Malware was spread through the installation of
software and theft of the information related to the debit and credit cards through the
terminal of sale.
The above four breaches are related to the triad of CIA. The first breach of improper
segmentation of system is related to Availability triad (Kumar, Raj & Jelciana, 2018). The
Target had the opportunity to make segments of the sensitive networks and move them aside
from the networks that are easily accessed, but it did not do so. The second breach is related
to Integrity as the Target could not be trusted with the proper acknowledgement of warning
from the security tools (Sendi & Cheriet, 2014). The third breach is related to Confidentiality,
the Target did not checked the authority of the third-party systems properly. The final breach
5
CSI2102- INFORMATION SECURITY
is related to Integrity as Target allowed installation of several software and allowed them to
configure which resulted in the spread of malware.
Protections present to prevent breach
The BlackPOS was found to be the malware that caused the breach mostly. BlackPOS
got installed at the sale terminals of the Target, hence the system of POS got compromised.
Therefore, a scheme of integrity could be ensured that used certificate and digital signature in
order to maintain the integrity of the sale terminal’s operating system. A digital signature that
verifies the executable are famous for long time. The updated operating systems have several
utilities to achieve their aim such as Microsoft Authenticode. But the policy for execution is a
bit difficult. This approach is practical in certain environment. To enforce integrity into the
system POS terminal and integrity centre were the two key player. The integrity centre does
four task- the generation of the key, distribution of the key, auditing of the files and lastly
signing those files. The policy of the POS terminal is only signed by the merchant.
Target was warned several times of malware attack by tools like FireEye, also the
auto removal of malware was turned down by the company. It became a huge challenge to
manage the security alerts in such a huge corporation. The output of FireEye is the raw data
and basic information like severity and type is of malware is available. All the unnatural
behaviour of malware is accounted and tracked properly. For the case of Target, the malware
detection is alerted, however in-depth details were unavailable. For huge corporation
effective designs of security warning is a necessity as a huge amount of alerts of security is
generated in a single minute, so to manage them an efficient system is needed. One design
could be Adaptive strength of security warning and another one could be analysing
connections of alerts and present them accordingly.
CSI2102- INFORMATION SECURITY
is related to Integrity as Target allowed installation of several software and allowed them to
configure which resulted in the spread of malware.
Protections present to prevent breach
The BlackPOS was found to be the malware that caused the breach mostly. BlackPOS
got installed at the sale terminals of the Target, hence the system of POS got compromised.
Therefore, a scheme of integrity could be ensured that used certificate and digital signature in
order to maintain the integrity of the sale terminal’s operating system. A digital signature that
verifies the executable are famous for long time. The updated operating systems have several
utilities to achieve their aim such as Microsoft Authenticode. But the policy for execution is a
bit difficult. This approach is practical in certain environment. To enforce integrity into the
system POS terminal and integrity centre were the two key player. The integrity centre does
four task- the generation of the key, distribution of the key, auditing of the files and lastly
signing those files. The policy of the POS terminal is only signed by the merchant.
Target was warned several times of malware attack by tools like FireEye, also the
auto removal of malware was turned down by the company. It became a huge challenge to
manage the security alerts in such a huge corporation. The output of FireEye is the raw data
and basic information like severity and type is of malware is available. All the unnatural
behaviour of malware is accounted and tracked properly. For the case of Target, the malware
detection is alerted, however in-depth details were unavailable. For huge corporation
effective designs of security warning is a necessity as a huge amount of alerts of security is
generated in a single minute, so to manage them an efficient system is needed. One design
could be Adaptive strength of security warning and another one could be analysing
connections of alerts and present them accordingly.
6
CSI2102- INFORMATION SECURITY
As Target failed to make segment of the networks that are sensitive from the easily
accessible networks, the attackers could escalate easily and cause severe issues to the
corporation. The technique to make strong exterior in network architecture is the best idea as
the people working inside the corporation are trustworthy. In the case of Target the attacker
extracted the security credential from another service provider of Target and they got access
of the network of Target. Therefore, the introduction of a network called Zero trust
monitored, identified and authorised all the incoming and outgoing traffics of the corporation.
Legal and Ethical issues related to the breach
The Legal issue related to this case study is the illegal access of the security detail by
the attackers through a third party service provider of the Target Corporation in order to
breach the information present in the Target Corporation also access the details of the debit
and credit cards as well as personal information. The ethical issue related to this case study is
the avoidance of security breach warning by the security controllers. The employees
responsible for monitoring those warning were not honest to their position and hence
practiced unethical means in their course of work.
CSI2102- INFORMATION SECURITY
As Target failed to make segment of the networks that are sensitive from the easily
accessible networks, the attackers could escalate easily and cause severe issues to the
corporation. The technique to make strong exterior in network architecture is the best idea as
the people working inside the corporation are trustworthy. In the case of Target the attacker
extracted the security credential from another service provider of Target and they got access
of the network of Target. Therefore, the introduction of a network called Zero trust
monitored, identified and authorised all the incoming and outgoing traffics of the corporation.
Legal and Ethical issues related to the breach
The Legal issue related to this case study is the illegal access of the security detail by
the attackers through a third party service provider of the Target Corporation in order to
breach the information present in the Target Corporation also access the details of the debit
and credit cards as well as personal information. The ethical issue related to this case study is
the avoidance of security breach warning by the security controllers. The employees
responsible for monitoring those warning were not honest to their position and hence
practiced unethical means in their course of work.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
7
CSI2102- INFORMATION SECURITY
References
Gray, D., & Ladig, J. (2015). The implementation of EMV chip card technology to improve
cyber security accelerates in the US following target corporation's data breach. International
Journal of Business Administration, 6(2), 60.
In, M. S. (2015). Target says up to 70 million more customers were hit by December data
breach.
Kumar, P. R., Raj, P. H., & Jelciana, P. (2018). Exploring data security issues and solutions
in cloud computing. Procedia Computer Science, 125, 691-697.
Manworren, N., Letwat, J., & Daily, O. (2016). Why you should care about the Target data
breach. Business Horizons, 59(3), 257-266.
Rawat, D. B., & Bajracharya, C. (2015, April). Cyber security for smart grid systems: Status,
challenges and perspectives. In SoutheastCon 2015 (pp. 1-6). IEEE.
Samonas, S., & Coss, D. (2014). THE CIA STRIKES BACK: REDEFINING
CONFIDENTIALITY, INTEGRITY AND AVAILABILITY IN SECURITY. Journal of
Information System Security, 10(3).
Sendi, A. S., & Cheriet, M. (2014, March). Cloud computing: a risk assessment model.
In 2014 IEEE International Conference on Cloud Engineering (pp. 147-152). IEEE.
Shu, X., Tian, K., Ciambrone, A., & Yao, D. (2017). Breaking the target: An analysis of
target data breach and lessons learned. arXiv preprint arXiv:1701.04940.
CSI2102- INFORMATION SECURITY
References
Gray, D., & Ladig, J. (2015). The implementation of EMV chip card technology to improve
cyber security accelerates in the US following target corporation's data breach. International
Journal of Business Administration, 6(2), 60.
In, M. S. (2015). Target says up to 70 million more customers were hit by December data
breach.
Kumar, P. R., Raj, P. H., & Jelciana, P. (2018). Exploring data security issues and solutions
in cloud computing. Procedia Computer Science, 125, 691-697.
Manworren, N., Letwat, J., & Daily, O. (2016). Why you should care about the Target data
breach. Business Horizons, 59(3), 257-266.
Rawat, D. B., & Bajracharya, C. (2015, April). Cyber security for smart grid systems: Status,
challenges and perspectives. In SoutheastCon 2015 (pp. 1-6). IEEE.
Samonas, S., & Coss, D. (2014). THE CIA STRIKES BACK: REDEFINING
CONFIDENTIALITY, INTEGRITY AND AVAILABILITY IN SECURITY. Journal of
Information System Security, 10(3).
Sendi, A. S., & Cheriet, M. (2014, March). Cloud computing: a risk assessment model.
In 2014 IEEE International Conference on Cloud Engineering (pp. 147-152). IEEE.
Shu, X., Tian, K., Ciambrone, A., & Yao, D. (2017). Breaking the target: An analysis of
target data breach and lessons learned. arXiv preprint arXiv:1701.04940.
1 out of 8
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.