ipl-logo

Target's Negligence Case

778 Words4 Pages

On December 12th, 2015 Target was notified by the Department of Justice that there was evidence of a breach within its network. On December 15th, 2015 target confirmed this breach and destroyed the malware on its systems, though too little too late. Fourty million credit card numbers and seventy million sets of personally identifiable information including names, addresses, phone numbers, and personal identification numbers for debit cards were stolen. Interestingly enough, target had intrusion detection systems in place which warned the security operations center in Minneapolis at the beginning of the attack, though these warnings were left unanswered. Due to Target 's negligence, millions of pieces of personally identifiable information were exfiltrated from its network. Reportedly, the beginning of the breach relied on the compromise of contractor credentials who worked on target HVAC systems. These HVAC systems apparently were connected to targets secure private network without restriction, which clearly violates basic defense in depth and principle of least privilege components of any rudimentary security architecture. For the layman, the question is: Why would anyone in …show more content…

Target 's negligence illustrates a greater problem in society, the increasing reliance we have on computer systems to provide for our survival and the inherent danger the insecurity and design flaws of these systems poses in not just our financial lives, but perhaps our physical lives as well. Computer systems control delivery of our electricity, water supply, and the operation of dangerous manufacturing processes, nuclear power plants, and others dangerous machinery and critical infrastructure necessary for our survival. As time goes on data breaches and security lapses will only become increasingly severe, and it will be left to the hands of the information assurance professional to gauge risk and take appropriate measures to resolve the disparate emphasis between usability and

Open Document