Pre-Attacks: Don’t let Target’s Mistake be Your Mistake

Last year another major bank spent millions of dollars paying for Target’s mistake. Sadly, it didn’t have to be this way.

Shortly before Christmas, hackers worked their way into the financial structure of Target and stole financial information from as many as forty million consumers who used their debit cards and PINs to make purchases. Recently, Target revised that number. It said another system that stored the personal data of more than seventy million customers had been hacked.

Consumers were inconvenienced. Thousands worried that their credit cards might be paying for some thief’s purchases.

Although Target made some basic mistakes, their main mistake was complacency. Complacency allowed them to believe they were safe-and-sound behind their firewalls, which allowed the hackers to silently work for many days before they were successful. Hackers specialize in compromising firewalls.  Today’s firewalls are doing so much that they cannot protect from all types of hacking attempts.

Hack attacks of this nature are always predicated by numerous “pre-attacks”. These “pre-attacks” allow the hacker to feel out the firewalls and networks to determine which hack attacks would work the best. These “pre-attacks” sometimes take weeks or months until the real hack attempts start. Once the real hack attempts start, the real network pressure begins and can last for months.

Target’s main blunder in this case is that they did not properly monitor these various forms of “pre-attacks.” As a result, Target was hacked in the worst way. Pre-attacks come in many flavors and various disguises.  I’m sure that now that the attack has come and gone, Target security personnel are finally noticing the footprints of these “pre-attacks” and the final full hack attempts.

Unfortunately, Target is not alone.  These attacks are happening everywhere and to everyone, even small offices and home use PC’s.  Have you ever had to unplug and re-plug your home router to get your PC reconnected to the Internet?  Chances are that you have been subject to a dictionary attack that caused your router/firewall to freeze up.

Chase and Citibank had to send out millions of new credit cards and ATM cards to customers because of hacks.

Neiman Marcus also indicated that its systems have been hacked, although it will not say how bad the damage is.

There was a time about thirty years ago when this type of hacking would have been almost unthinkable. Back in the 80’s, hacking consisted of people dumpster-diving for charge card carbon paper impressions that they could use to duplicate charge cards and make illegal purchases. But with the growth of the Internet, wireless connectivity, and blue tooth, electronic connectivity is here to stay. The benefits of connectivity are great, but the liabilities are great as well.  Along with greater connectivity are even greater opportunities for hackers.

Years ago, most classic examples of hacking were done with a motive of notoriety and “street cred.” Now the motive is profit — and vandalism is becoming more common as criminals invest in acquiring the knowledge and technology for hacking.

Today, virtually every business in the U.S. is online.  And for all intents and purposes, “all computers are connected together.”  When one considers this fact, it is a very scary thought.

George Baldonado
Oasis Technology, Inc.
“We Put the Knowledge in Technology” ®

Do you want to make sure your organization doesn’t get hacked or pre-attacked? Contact Oasis Technology today. We have services and products to ensure that your data, systems, and entire network are secure.