Slashdot Mirror


Security Vendors Self-Censor Target Breach Details

angry tapir writes "At least three security companies have scrubbed information related to Target from the Web, highlighting the ongoing sensitivity around one of the largest-ever data breaches. How hackers broke into Target and installed malware on point-of-sale terminals that harvested up to 40 million payment card details is extremely sensitive. Now, details that give insight into the attack are being hastily removed or redacted by security companies."

7 of 115 comments

  1. Oh good by gamanimatron · · Score: 5, Insightful

    Without details about the attack vector and attacker behavior during and after the breach, we're left with "Well, someone broke in to their servers using [redacted] and then they did [redacted]." Totally frickin' useless for me when trying to secure our sites: "There's this horrible emerging threat that can fry your brand overnight, but we won't tell you what it is or give enough details for you to defend against it."

    Meanwhile, the guys in timbucktooistan can now order the proven exploit kit from their favorite BBS.

    Meh.

    --
    cogito ergo dubito
    1. Re:Oh good by abirdman · · Score: 5, Insightful

      I agree 100%. The security companies who advise the likes of Target aren't talking about the whole exploit-- indeed, are pro-actively hiding the details-- because they don't want to explain how their hideously expensive security best practices were utterly pwned by some foreigners who weren't interested in any of their acronyms. These security guys are like Stratfor-- pugnacious, pistol-packing, ex-military folk who think computer security is just a variation on any other kind of security detail, and are prepared to sell the hell out of their ideas, even when they can't secure their own passwords.

      --
      Everything I've ever learned the hard way was based on a statistically invalid sample.
  2. Target just couldn't handle this any worse by Sycraft-fu · · Score: 5, Insightful

    If they'd just come out and said "Yes, some evil hax0rs got in to our system and stole lots of cards. Stupid haxors, everyone hates those guys. Here's how they did it, here's what we are doing, and here's some security experts that are helping us," well people would probably be fine with it.

    Instead they are being all secretive and it makes people worry. They also are doing shit for notification. I always use my Target card when I shop at Target because it has the best bribes (5% off anything, since they actually run their own bank and don't have to pay payment processing fees on it). I have received zero notifications from Target about the compromise, and no new card. I know my card was hit, since I have friends who shop at the same store using non-Target cards that got notified, but Target hasn't done anything.

    I'm not worried, they have to deal with all the fallout of any unauthorized charges and the card can only be used at Target, but it is just extremely bad form. It shows a real lack of care and understanding as to the severity of this. It really makes them look bad.

    If there's something history has shown with regards to people and companies it is that you need to admit you fucked up, even if it wasn't your fault really, and show people how you are making it right. Then, they are happy and forgive. Get all secretive and hostile, and they'll get hostile right back.

    1. Re:Target just couldn't handle this any worse by phantomfive · · Score: 5, Insightful

      No one cares about backups until their hard drive crashes.
      No one cares about security until they get hacked.

      --
      "First they came for the slanderers and i said nothing."
  3. Wonder Why It keeps Happening? by rmdingler · · Score: 5, Insightful

    Now you know.

    No open resolution of a security breach so that particular vector of attack can be scrutinized by the retail industry and perhaps better guarded against.

    Better to control PR damage now than prevent a recurrence.

    --
    Happiness in intelligent people is the rarest thing I know.

    Ernest Hemingway

  4. One thing they are keeping quiet by Anonymous Coward · · Score: 5, Interesting

    is that it was an inside job. Basically, Target offshored the work, and now they are trying to figure out who released this virus. Getting India to cooperate is hard to do.

  5. Closing the Barn Door... by pcwhalen · · Score: 5, Informative

    ...after all the cows got out.

    Day late and a dollar short to worry about BlackPOS. Variants of "Dexter, first documented by Seculert in December 2012, is a Windows-based malware used to steal credit card data from PoS systems."

    http://www.arbornetworks.com/a...

    They have had 3 flavors so far:
    1.] Stardust (looks to be an older version, perhaps version 1)
    2.] Millenium (note spelling)
    3.] Revelation (two observed malware samples; has the capability to use FTP to exfiltrate data)

    I can buy any of these programs with a Tor browser, an ICQ client and some Bitcoin at any carder site online.

    A little late to be worried about snippets of code.

    --
    Pay no attention to the man behind the curtain with all your metadata.