Target did not respond to FireEye security alerts prior to breach, according to report

Share this article:
Mozilla plugs nine vulnerabilities ranked "critical" in its web browser.
Target did not respond to FireEYe security alerts before its massive breach.

Target might have been a tad negligent when it came to observing its security systems last year, according to a Thursday Businessweek report.

Months before hackers stole 40 million payment cards, among heaps of other information, at the end of 2013, the retail giant installed a $1.6 million malware detection system from security company FireEye that later picked up on the attackers' suspicious activity – on multiple occasions.

Target seems to have done nothing about it.

Interviewing more than 10 former Target employees familiar with the company's security, and eight people with knowledge of the attack, Businessweek learned of an alert system that worked like a charm – or at least it was supposed to work.

When asked to explain Target's lack of a response to those alerts, a variation of a media statement was emailed to Businessweek from company CEO Gregg Steinhafel. It begins by explaining that Target had been certified as meeting payment card industry (PCI) standards, before explaining what Target has done since the breach.

In a Thursday email, Eric Chiu, president and co-founder HyTrust, told SCMagazine.com that not responding to these types of alarms is shocking, but not so surprising for a company that, at the time, had security fairly low on its list of priorities.

“We often see organizations ignoring alarms like this because they've become numb to them, receiving too many false positives, or because they're understaffed,” Chiu said. “You can have all the alarms you want, but unless you put security in a prominent position in the company and have enough staff to review them, those alarms don't mean anything.”

Joe Schumacher, security consultant for Neohapsis, offered other reasons to SCMagazine.com in a Thursday email.

“I don't think it is about not paying attention to the technologies as much as fine tuning for actionable, relevant information from the technology,” Schumacher said. “Many security systems (e.g. Web application firewall, log monitoring, Intrusion Detection/Prevention Systems, etc.) correlate large amounts of data into a single repository. Unfortunately, a lot of companies and professional services stop here.”

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

Apple implements two-factor authentication

The company followed through on its promise to up iCloud security by implementing two-factor authentication earlier this week.

C&K apologizes for unauthorized access that led to Goodwill breach

A web hosting service apologized for intermittent unauthorized access of its hosted environment over 18 months that led to the Goodwill breach.

Yelp and TinyCo settle with FTC over COPPA Rule violations

Yelp and TinyCo settle with FTC over COPPA ...

Yelp will pay $450,000, and TinyCo will pay $300,000 to settle charges that their mobile apps collected information from children under the age of 13.