Speaking to the Wall Street Journal a few days ago, a spokeswoman for Target confirmed that the attack was facilitated by credentials stolen from a third-party vendor. This latest revelation undoubtedly demonstrates the significant risk posed by unsecured, unmonitored access credentials and the importance of securing ‘privileged user’ accounts.
Attackers have clocked the easy way in; they’re going after the weaker spots on the network to get a foot in the door. Low-level employees or temporary outside contractors are often the low hanging fruit for cybercriminals. And, once compromised, their ID credentials can be used by hackers to cause widespread chaos. Unfortunately, as systems have become more closely interconnected and with increasing amounts of private and confidential data being shared between these networks, the risk posed by ‘insiders’ has ballooned.
For organisations working with partners, you need to make stronger demands of them that your data remains secure throughout their infrastructure as a minimum bar for engaging in business. From there, identify who your privileged users are and limit their access accordingly – set up rules so that users that need to handle data can’t actually read or edit information within data files, but can still move them around as their job requires. No entry point can be overlooked or underestimated, each must be taken into equal consideration and protected accordingly.
As more evidence from the forensic investigation into the data breach comes to light, and with analysts now anticipating that the retailer could face up to $1.1 billion in fines, let this be a cold wake up call to businesses of all sizes. It is your responsibility to ensure your sensitive data is protected. Data itself is defenceless, and so it must be protected by any means necessary.