On Black Friday, 2013, millions of shoppers went to Target stores around the U.S. They picked out what they wanted, stepped up to a cashier, swiped their credit cards and left happy.
Except they shouldn’t have been happy. Months earlier, hackers broke into Target IT systems through a small, third-party HVAC contractor to the company. The attackers moved laterally, jumping from one part of Target’s network to the next, until they reached Target’s point-of-sale systems. How’d they pull it off? Because the people who could’ve stopped them weren’t watching.
On Black Friday, every Target customer who swiped their credit card had unwittingly handed over their information to a hacker, who later posted it all to the dark web. Many would later look on with disdain as Target’s CEO, COO and CIO all resigned from their posts, amid the worst PR disaster in company history. Those people, who thought the Target hack was just a Target problem, were wrong.
Large companies with insufficient IT security in place fall victim to major hacks year after year. In Target’s case, it was a failure to actively monitor network traffic. But Yahoo, Marriott, TJX, and Sony all went through similar ordeals. Equifax’s hack in 2017 affected almost the entire adult population of the United States. These incidents aren’t the exception; they’re the rule. Oh, and small company hacks? We don’t know those stories–those companies have since gone under.
That’s why it’s more important than ever before to invest in advanced, emerging cybersecurity solutions. For medium-to-large institutions, it’s about keeping privileged information secure, and under a watchful eye. The old days of having one Excel spreadsheet, with a list of all your organization’s passwords in one neat row, are over. The days when a hacker could infiltrate a network, and do what they wished inside for months on end, should be over. Why do we have police roaming our streets, yet forgo monitoring of our sensitive computer networks? A break-in at a Target store location costs far less than a break-in of their network.
This is why password vaults must be paired with the most advanced proactive monitoring technology, for any organization with any cyber presence (read: any organization, period). Locking away sensitive information is a necessary start towards cybersecurity, but without the second step–keeping 24/7 watch to make sure that information stays locked–malicious actors can freely poke around, until they eventually find a way in. Target, Yahoo, and companies across the nation that hadn’t previously taken such steps have learned this lesson.
But it’s not all doom and gloom. Equifax, despite the embarrassment of their hack, had previously implemented packet-capture software, which monitored and provided a snapshot of all activity over their network. After the dust settled, that information proved absolutely vital to piecing together what happened, what went wrong, and how to stop it from ever happening again. We can’t stop every cyber threat. But we have the means to do more, and we should.
About the author:
Nathaniel Nelson writes the internationally top-ranked “Malicious Life” podcast on iTunes, hosts programs on blockchain and SCADA security, and contributes to AI and emerging tech blogs.