IntelCrawler has identified the author of the malware that infected Target as a Russian teenager. According to the California-based security firm, this 17-year-old is also believed to have created the malware that infected Neiman Marcus.
The teenager is not believed to have launched the actual attacks. However, he sold more than 60 versions of the software to cybercriminals in Eastern Europe and other countries, IntelCrawler explained. “He is still visible for us, but the real bad actors responsible for the past attacks on retailers such as Target and Neiman Marcus were just his customers,” said IntelCrawler president Dan Clements.
IntelCrawler said that the attackers who purchased the software hacked the retailers’ systems either by entering default passwords, or by trying various username/password combinations until they struck gold (a practice known as “brute force password hacking”). In an interview with Computerworld, Clements noted that many retailers never change default passwords on POS terminals, which is a common problem that has been observed by the PCI Security Standards Council.
Additionally, there do not appear to be many restrictions on who can access remote POS servers in numerous retailers, IntelCrawler CEO Andrew Komarov told The Washington Post. This type of easy access could allow hackers to reach back-office servers which contain pools of data from multiple stores.
Komarov first identified the software last year and reported it to Symantec and other security firms. IntelCrawler said it has identified attacks on at least six other US retailers, as well as attempted attacks on retailers in Australia and Canada.
In today’s digitally connected world, infinite quantities of data are produced by consumers daily at a mind-boggling pace and volume. With under three months left to prepare, here are four areas for businesses to consider, to make sure they are ready for GDPR implementation.
Cash-flow based metrics now feature prominently alongside traditional revenue measures of business performance in the key figures or financial summary pages of any public company.
GTNews asks Pugsley about what advice she would give to treasurers dealing with mergers and acquisitions, what the key challenges for her year ahead will be and how she is selecting a treasury management system (TMS).
The US money market fund reforms came into effect in 2016 and are already dramatically shaping US fund industry with investors flooding out of prime funds and into government securities. While the reforms are similar, they are not the same. GTNews interviews Yeng Bulter, global head of the cash business at State Street Global Advisors on the differences.