M7 D1

The Target Security Breach
Name:
Institution:
The Target Security Breach
Summary of the Target security breach
The target security breach occurred in November and December of the year 2013. It is worth noting that Target is one of the largest American retail companies. The attackers managed to access the computer network that belonged to the Target. Upon gaining access, they stole both the personal as well as the financial information that belonged to their clients. The stolen information was in the form of the card’s details that the Target shop was using the period of the November 27 and December 18. The card details included the type of the card, the track data, the cards expiry date, the issuing bank, the country of origin, and the rate of usage of the card. The number of the affected clients that were affected by the attack were estimated to be over 110 million. After stealing this vital information, they went further to transfer them to another server that was found in the Eastern Europe (Committee on Commerce, Science, and Transportation, 2014).
The vulnerabilities that enabled the Target security breach to occur
From the presented data, it can be argued that the main cause of this widely publicized security breach is negligence, which made the Target vulnerable to the attack. The negligence on the side of the Target was responsible for their failure to detect and eliminate the attack. These negligence includes giving the third party (a small Pennsylvania HVAC company) network access by the Target.

It is believed that it is from this third party where the attackers managed to gain access to the Target’s network. Besides, Target assumed and failed to respond to the warning signs from the anti-intrusion software that pointed that malware was being installed in their system. Additionally, Target failed to isolate their most sensitive network assets from the less sensitive ones. Therefore, the attackers were able to access the Target’s sensitive information from the less sensitive network assets such as the consumer data (Committee on Commerce, Science, and Transportation, 2014).
The type of cyber-attack associated with the Target security breach and how it was resolved
The “RAM scraping” attack is the type of the cybercafé-attack associated with the target security breach. It was resolved that this cyber cafe attack was possible simply because the Target failed to follow the intrusion kill chain framework. The intrusion kill chain program is an analytical tool that is used by both the public and private sectors to protect their data from any potential attack. The analysis pointed out that Target indeed missed several chances that were presented along the kill chain to prevent and stop the attackers from accessing the Target’s data (Committee on Commerce, Science, and Transportation, 2014).
I agree with the positive side of the Target breach that it has indeed improved the cyber cafe security. This is because the majority of the organizations are currently implementing the intrusion kill chain program as required. However, several efforts still need to be made as a measure of improving cybercafé security. One of such measures is continuous monitoring of the systems for any potential sign of attack. Besides, any organization should not reveal their network access to the third party. There are several lessons that can be learned from the Target security breach for the purpose of the risk assessment in the homeland security. First, the segmentation of the network is necessary. Second, the oversight of the third party is part of compliance. Third, the retailers are also liable for the security breaches. Fourth and last, the organization should improve sharing of the cyber cafe threat intelligence (Committee on Commerce, Science, and Transportation, 2014).
Reference
Committee on Commerce, Science, and Transportation. (2014). A “Kill Chain” Analysis of the 2013
Target Data Breach.