The Target attack was a large-scale data breach during the 2013 holiday shopping season. The attack was carried out in several phases, as described below:
- Reconnaissance: The attackers gathered information about Target's network and systems. They used malware to infect point-of-sale (POS) devices in Target stores, allowing them to collect customer payment card information.
- Lateral Movement: Once the attackers had gained access to the POS devices, they moved laterally through Target's network, searching for valuable data. They used stolen credentials to access Target's payment processing system, where they found the payment card data they sought.
- Data Exfiltration: The attackers then extracted the stolen payment card data from Target's network and sent it to a remote server controlled by the attackers.
Target was not well-protected before the attack. The company failed to detect the malware on its POS devices and did not respond to warnings from its security team about the vulnerability of its payment processing system. Target's major vulnerabilities included poor network segmentation, lack of multi-factor authentication, and inadequate monitoring and logging.
The attack cost Target over $200 million in monetary losses, including expenses related to investigating the breach, offering credit monitoring to affected customers, and paying settlements to banks and credit card companies.
Target could have prevented or better responded to the attack by implementing stronger security measures, such as network segmentation, multi-factor authentication, and more comprehensive monitoring and logging. Additionally, Target could have responded more quickly and effectively to the breach by informing customers and law enforcement sooner and providing more detailed information about the attack.
Target discovered the attack when its security team detected unusual network activity related to its payment processing system. However, the company did not fully understand the scope of the attack until after it had already occurred.