Research Paper Final Draft Rev

Submitted By ETCEric
Words: 4514
Pages: 19
Open Document
HUMAN FACTORS, THREATS, CULTURE, LIABILITY
Team 2 Assignment #1
Eric Andrews, Helena Bergmann, Greg Fairchild, Harold Francis, Bryan Frank, Erik Schott
CSEC 620 9045
Professor McDavid

TABLE OF CONTENTS

1: Introduction……………………………………………………………………3

2: Target……………………………………………………………………….….3

2.1: Mission and Attacks………………………………………………………...3

2.2: Possible actors and cultural factors…………………………………………4

2.3: Policy and Regulation……………………………………………………….6

3: Neiman Marcus…………………………………………………………………8

3.1: Mission and Attacks…………………………………………………………8

3.2: Possible actors and cultural factors………………………………………….10

3.3: Policy and Regulation……………………………………………………….11

4: Home Depot…………………………………………………………………….12

4.1: Mission and Attacks…………………………………………………………12

4.2: Possible actors and cultural factors………………………………………….13

4.3: Policy and Regulation……………………………………………………….15

5: Conclusion………………………………………………………………………16

6: References………………………………………………………………………17
.
1: Introduction
2014 was a banner year for cyber attacks against major retailers. Cyber attacks on Target, Home Depot, and Neiman Marcus were responsible for exposure of account information of millions of unsuspecting customers. These attacks were carried out through the introduction of malware into the local area network of these retailers through the point of sale terminals located at the checkout counters. In this paper, we will discussion the mission of these companies, the method the attackers used to gain access to the accounts, the culture of the threat actors, and the policies that lead to this failure to secure networks against possible attacks.
2: Target
2.1: Mission and Attacks
“Our mission is to make Target your preferred shopping destination in all channels by delivering outstanding value, continuous innovation, and exceptional guest experiences by consistently fulfilling our Expect More. Pay Less.® brand promise” (Target Mission, Values & Stories Behind Them, n.d.).
The Target attack was one of the largest cyber attacks on a retailer. Target was attacked with malware that stole credit and debit card information. The estimation is that, during the attack, the criminals were able to steal approximately 40 million credit card numbers (Krebs, 2014). The credit card numbers would then be used to make clone cards, or the numbers would be sold on various underground websites. The attack was a continuation of other recent attacks on retailers such as Home Depot and TJ Max. What makes the attack interesting is that it originated from a third-party vendor.
Access was gained into the Target network by using a third-party vendor. An HVAC company located in Pennsylvania was given permission to access Target's systems remotely. Although there is some debate if the HVAC company were given access to monitor the environmental controls or for billing reasons, what is not debated is that the hackers stole the credentials and sign-in for the HVAC company, using it to gain access to Target's systems (Krebs, 2014). These types of attacks are becoming more common. Third-party vendors tend to have less-robust security systems in place but are given access to large organizations. Target's systems were not segregated; access to one system allowed the hackers the ability to access other systems. Even following PCI standards, retail systems are still viewed as outdated against current threats (Zetter, 2014). The direct impact on Target was a downturn in customer traffic to their stores and a significant loss of revenue since the attack occurred during the critical holiday shopping season. Target is looking at losses related to the data breach at several hundred million dollars (Ziobro, 2014). If it's clear that Target ignored signs of an attack and didn’t implement proper security, they will have to deal with further liability issues, lawsuits and fines.
2.2: Possible Actors and Cultural Factors
After the fall of Soviet Union, the Eastern
Show More

Related Documents: Research Paper Final Draft Rev

Syllabus: Writing and Class Essay

business documents—including, for example, memos, letters, emails, and reports—using appropriate headings, layout, and typography by applying rules of document purpose and design. 4. Conduct tax and business research using a broad range of sources by applying secondary and primary methods of research such as utilizing databases, open sources, practicing key word searches, and conducting interviews. 5. Synthesize and evaluate the quality of collected information by critically analyzing the value, credibility…

Words 3431 - Pages 14

Accounting Theory And Practice Final May 2014 Essay

begin by providing a brief background of FVA and the financial crisis. This will lead to an in-depth examination of the fundamental issues. An assessment and evaluation will be made of any changes to the accounting profession as a result of this research. One of the findings reveals the blame towards FVA is from the banking industry, which majority hold responsible for the crisis. BACKGROUND There is no one specific definition associated with FVA. FASB (Fasb.org, 2014) defines Fair Value as the…

Words 3561 - Pages 15

Guide for resume Essay

academic resumes (C.V.s), please see our handout Specialized Resumes: The Arts and Academia. D R E W H A L L , N O R T H A M P T O N , M A 0 1 0 6 3 4 1 3 . 5 8 5 . 2 5 8 2 W W W . S M I T H . E D U / L A Z A R U S C E N T E R rev 08/13 L A Z A R U S @ S M I T H . E D U A Resume and Cover Letter—Your Marketing Team Effective resumes and cover letters are essential partners in your job or internship search. The cover letter introduces you and your resume to the reader…

Words 6819 - Pages 28

Essay about Asbergers Report

this, its prevalence is not firmly established.[1] It has been decided that the diagnosis of Asperger's be eliminated in DSM-5, to be replaced by a diagnosis of autism spectrum disorder on a severity scale.[9] The exact cause is unknown. Although research suggests the likelihood of a genetic basis,[1] there is no known genetic etiology[10][11] and brain imaging techniques have not identified a clear common pathology.[1] There is no single treatment, and the effectiveness of particular interventions…

Words 9740 - Pages 39

Project Management Essay

| |Revision/WorkSite # |Date of Release |Owner |Summary of Changes | |Initial Draft - SIDdocs |06/30/2004 |SID - PMO |Initial Release | |OSI Admin #4306 |04/09/2008 |OSI - PMO |Incorporated Cost Management Plan tailoring…

Words 7592 - Pages 31

Essay about brinkley12AP im ch07

Chapter 7 The Jeffersonian Era The AP instructional strategies discussed below for Chapter 7 of American History: A Survey focus especially, but not exclusively, on the following themes developed by the AP U.S. History Development Committee: American Identity, Culture, Demographic Changes, Economic Transformations, Environment, Politics and Citizenship, Religion, and War and Diplomacy. This chapter, as well as the primary documents selected below, follows the content guidelines suggested for the…

Words 8043 - Pages 33

Sources of Ethics Essay

TABLE OF CONTENTS 1.0- JOHN STEINER AND GEORGE STEINER SIX PRIMARY SOURCES OF ETHICS: 6 1- Religion: 6 2- Genetic Inheritance: 8 3- Philosophical Systems: 8 4- Cultural Experience: 8 5- The Legal System: 9 6- Codes of Conduct: 9 2.0- EXPLANATION OF THE SOURCES OF ETHICS: 10 2.1- RELIGION: 10 Teaching business ethics 12 2.11- Impact Of Religiosity: 13 2.12- Ethics Of Islam: 14 Nature of Islamic Ethics 17 The Human-Environment Relationship: 20 The Sustainable…

Words 20200 - Pages 81

Sustaining the Innovation Process: the Case of Rolls-Royce Plc Essay

Acknowledgements We would like to thank Joe Lampel for comments on an earlier draft of the chapter. This research was funded by the Targeted Socio-Economic Research (TSER) Programme of the European Commission (DGXII) under the Fourth Framework Programme, European Commission (Contract no.:…

Words 13947 - Pages 56

Managing Information Technology (7th Edition) Essay

CONTENTS: CASE STUDIES CASE STUDY 1 Midsouth Chamber of Commerce (A): The Role of the Operating Manager in Information Systems CASE STUDY I-1 IMT Custom Machine Company, Inc.: Selection of an Information Technology Platform CASE STUDY I-2 VoIP2.biz, Inc.: Deciding on the Next Steps for a VoIP Supplier CASE STUDY I-3 The VoIP Adoption at Butler University CASE STUDY I-4 Supporting Mobile Health Clinics: The Children’s Health Fund of New York City CASE STUDY I-5…

Words 239873 - Pages 960