Cybercrime How Target's Air Conditioning Let in a Cyberattack

upnorth

Level 68
Thread author
Verified
Top Poster
Malware Hunter
Well-known
Jul 27, 2015
5,458


Quote: " The bigger the business, the more suppliers. And more internet-connected devices everywhere means cybercriminals have more ways in.

In this episode, Eliza-May Austin, CEO and co-founder of cybersecurity start-up th4ts3cur1ty.company (That Security Company,) explains how cybercriminals stole 40 million people’s card details from US retail giant Target with an attack that began in their air conditioning system. You read that right. It started with an employee at Target’s air conditioning supplier clicking a link in a phishing email, injecting malware into their system. Target had remote access to monitor their air conditioning units, and that remote access was through the same network where cybercriminals could access personal data. They got inside point-of-sale devices and pulled customer card details from the machine’s memory. The attack cost Target some 61 million US dollars.

These kinds of attacks aren’t new, but they’re becoming more common and harder to detect. Apple and computer hardware makers ASUS are among those who’ve been targeted. Energetic Bear was a significant attack on critical energy infrastructure. Cybercriminals began the attack with spear phishing – targeting specific people with customized emails and making a hit list of potentially vulnerable suppliers. In 2017, Kaspersky researchers discovered a ‘backdoor’ (dubbed ShadowPad) in server management software hundreds of large businesses use. When activated, the backdoor let attackers download malicious modules and steal data. The researchers notified the suppliers, NetSarang, who pulled down the compromised software and replaced it with an earlier clean version. Sometimes, there is no clean version. Noushin Shabab, Senior Security Researcher at Kaspersky, explains how supply chain attacks can start as software is being developed. “Cyberattackers compromise software by getting inside software used by developers – the development environment. That way malicious code can end up on many businesses’ networks.” "

Full source:
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top