The Bigger They Are, the Harder They Fall
The recent Target and Neiman Marcus breaches have drawn attention to a number of areas, ranging from the types of attacks to what kind of data was compromised. But one thing that this Reuters article notes is that large US retailers are very obviously under attack:

"The sources who spoke to Reuters about the breaches said that investigators believe the attackers used similar techniques and pieces of malicious software to steal data from Target and other retailers. One of the pieces of malware they used was something known as a RAM scraper, or memory-parsing software, which enables cyber criminals to grab encrypted data by capturing it when it travels through the live memory of a computer, where it appears in plain text, the sources said. While the technology has been around for many years, its use has increased in recent years as retailers have improved their security, making it more difficult for hackers to obtain credit card data using other approaches."
The article continues...

"Retailers are often reluctant to report breaches out of concern it could hurt their businesses. Target only acknowledged its 2013 attack after security blogger Brian Krebs reported the breach, prompting inquiries from journalists and investors. Neiman Marcus said an outside forensics firm discovered evidence on January 1 that indicated the retailer had been the victim of a cyber attack. It disclosed the breach nine days later, after another inquiry from Krebs, who was following up on reports about a surge in fraudulent charges traced to the retailer. Target and J.C. Penney Co Inc. waited more than two years to admit that they were victims in 2007 of notorious hacker Albert Gonzalez, who was accused of masterminding the theft and reselling of millions of credit cards and ATM numbers. During his trial the companies were represented by lawyers who did not identify their clients as Target and J.C. Penney."
Retailers obviously have a LOT to lose on countless fronts when a breach occurs. Rather than "put out fires" when it comes to tackling data security, just lock it down at the source. After all, stolen "fake data" is useless!