Cyber Security Question
Introduction – Target, a large US retailer headquartered in Minneapolis, suffered a massive data breach in 2013 that compromised some 40 million customer debit and credit cards, as well as personal information of an additional 70 million customers (about 20 percent of the US population). Public consternation over this and other data breaches led to accelerated deployment of chip-embedded (EMV) credit cards; renewed appreciation of the need for network segmentation, third-party oversight, and logging analytics; dismissal of key corporate executives; damaged company stock market performance; and a call for better sharing of cyberthreat intelligence.
Review the resources and other Internet sources on the Target data breach. Also research ways in which remote access by third parties into an organization’s network resources can be contained. Develop an attack tree diagram to describe the possible exploits that could have been used to exploit Target’s vulnerabilities and highlight the actual attack path used. Write a brief case study analysis that highlights procedures that should be implemented to reduce the probability of future attack due to a third party vendor’s vulnerability.