As the evolution of technologies and computers advance even further as time progresses, there have been a noticeable amount of cyber-attacks focused on big companies. This is concerning because many of us frequent these big-name places. One particular instance can be seen in the 2014 cyber-attack on The Home Depot. This incident affected the integrity of millions of payment cards owned by The Home Depot’s customers in the United States and Canada – around 56 million to be more precise . Cyber criminals were able to force their way into The Home Depot’s network where they then deployed malicious software in order to compromise network security. According to a public statement made by The Home Depot in 2014, the malicious software that the criminals used was “unique, custom-built malware, which had not been seen previously in other attacks.” This “custom-built” malware was able evade detection from The Home Depot’s network security due to its nature, and had been collecting data between April 2014 to September of the same year. The cyber criminals were able to successfully evade detection for around five months before The Home Depot finally noticed and addressed the issue. However, according to Smith, the reason for the malware’s ability to go undetected was due to it being a “zero-day virus” that could not be caught by traditional anti-virus software . This ultimately contributed to the overall time that the malware lingered in The Home Depot’s computer terminal systems. Due the scale of the attack, which was “most likely the largest breach ever seen of a retailer’s computer systems” , and all those affected by it, The Home Depot was quick to respond to the issue and come up with a solution. While still in the process of completely removing any traces of the malware from their systems, all affected terminals were quarantined and taken out of service. This effectively disconnected the cyber criminal’s gateways into The Home Depot’s network, and provided an opportunity for the company to regain complete control over its information systems. They were able to then focus all their resources on devising a way to better secure their terminals from future attacks such as this. As for a permanent solution to this threat, The Home Depot has gone through and made revisions to their payment security processes in order to strengthen their networks. According to the public statement they made, The company’s new payment security protection locks down payment data through enhanced encryption, which takes raw payment card information and scrambles it to make it unreadable and virtually useless to hackers.Additionally, this new and enhanced security practice involved writing thousands of new lines of code and installing almost 85,000 new payment terminals in their affected locations (throughout the United States and Canada). These new payment terminals would make transactions with payment cards much more secure through its utilization of the chip-and-pin feature which makes obtaining card information more difficult for attackers. It also provides an extra level of security through requiring a person to provide correct double-authentication to the terminal prior to any transaction.
September 4, 2019 0 Comments