4. HACKERS often research which outside contractors/vendors have remote access to the networks
of large corporations because they make easier targets.
?
VENDOR
This attack method is known as "island hopping" and is more common than you’d think.
Very sophisticated cyber attack operation
CAMetz
Security Consultant
5. HACKERS
tricked an outside vendor employee into
URGENT!!
SUBJECT: YOUR WEDDING PHOTOS!
FROM: ABC PHOTOGRAPHY!
TO: MR. XY%(HLio!
DATE: 13 February 2014!
Dear Customer,!
We have some important information about your account. Please click the
link below to contact one of our representatives!
!
Dear Client,!
We have some important information about your account. Please
click the link below to contact one of our representatives.
clicking on a malicious email!
CAMetz
Security Consultant
6. The vendor employee with access to Target's network fell for a
"spear phishing” attack.
HACKERS sent malware-laced emails that appeared to come from
trusted sources, which took over vendor employee’s computer.
Once HACKERS gained access to the vendor employee’s computer,
they penetrated Target's system and stole the retailer's payment
card data.
CAMetz
Security Consultant
7. HACKERS
TARGET
virus
NETWORK
VENDOR
Researchers at a cloud security company found 55,000 so-called HVAC vendors that are
connected to the Internet.
Many vendors ignore basic computer security measures.
Reportedly, Target may not have realized the phishing attack initially, because the company
was using a free anti-malware program that does not offer real-time protection against
threats.
CAMetz
Security Consultant
8. DON’T BE A TARGET!
ELIMINATE
VULNERABILITIES TO
YOUR SYSTEMS AND
SENSITIVE DATA
INCREASE YOUR
SECURITY TRAINING
AND EDUCATION
PROGRAMS
Engage your IT personnel more frequently.
Tap into the experience of your security personnel.
Ensure you have a strong, solid anti-virus program program to guard your systems.
Implement regular employee security training and education programs and sessions.
IT’S A START!
CAMetz
Security Consultant