network intrusion attack
The article (Breach, 2014) explains about the real-world scenarios where there was a network intrusion attack performed by cyber thieves and were successful in stealing financial and customer personal identification information from one of the largest retailer companies, “Target”. The intrusion was a major blow to the company’s security because of the loss of about 110 million user’s sensitive information. Intrusion Kill Chain Framework was used to detect and analyze the type of attack and other critical information. A malware was installed on Target’s point of sales system which transferred the information such as credit/debit cards to a European server. Target’s FireEye malware intrusion detection system sent alerts about the intrusion but negligence from the IT department has created this situation because they did not take any action.
Target’s network and system intrusion:
The malware that was installed on the target’s system has collected about 11 GB of stolen user critical information during target’s busy hours and transferred the data using FTP to Russian based server (Breach, 2014). The access to the Target’s system was gained by stealing credentials from an HVAC and refrigeration company, Fazio Mechanical Services which had a remote connection to the Target’s network. The Kill Chain (Breach, 2014) was used as a cybersecurity tool to detect intrusions related to the network and software. The kill chain system has proposed a solution to the traditional software installation. Traditional software installation assumes that the system is ready to detect and fight intrusion related to network and security. However, the improvised solution proposes that the intrusion detection systems should continuously monitor the logs on the server and other systems to verify if the access is legitimate, if not take immediate action.
Target breach is one of the biggest security breaches in history. Security vulnerabilities increase with the advancement of the technology which makes the outdated intrusion detection systems to fail to protect from network and system intrusions. The tools like kill chain will help companies to keep the systems secure and locked down.
Breach, T. D. (2014). A “Kill Chain” Analysis of the 2013 Target Data Breach.