A number of retail establishments have been the “target” (the irony is not lost on this author) of hackers who have decided to attack a part of the business that isn’t normally thought of as a risk vector – the cash register. In the past we have seen most of the activity in hacking pointed to the network resources that sit behind the firewall. What makes the Target-style hack so interesting is two fold. First, it is the technique used to exploit the machine itself (of which Brian Krebs does an excellent job of writing up), but more importantly, it is the way the network was compromised and the potential liability which may be attached to management, personally.
Continue Reading Target: Remember Your Vendors