1 / 6100%
Runningi Head:i TARGETi CORPORATION
1
CIS512i Weeki 8i Assignment
Strayeri University
Mayi 28,2022
TARGETi CORPORATION
2
Targeti Corporation,i ai well-knowni America-basedi generali merchandisei retail,i wasi
involvedi ini ai seriousi cyberi breachi incidenti ini thei yeari 2013.i Thei securityi breachi incidenti hasi beeni
criticallyi analyzed.i Thei manneri ini whichi thei companyi becamei awarei ofi thei breachi hasi beeni
identified.i Additionally,i thei impacti ofi suchi ani issuei oni thei customersi ofi thei businessi entityi hasi
beeni identifiedi sincei theyi acti asi itsi keyi stakeholders.i Thei securityi controlsi thati Targeti couldi havei
implementedi toi preventi suchi datai breachi fromi takingi placei isi recommended.i Ultimatelyi howi thei
incidenti alteredi thei securityi practicesi ofi Targeti andi otheri companiesi hasi beeni explored.i
Securityi breachi ati Targeti
Ati thei endi ofi 2013,i Targeti Corporationi wasi targetedi byi cybercriminals.i Morei thani 70i
millioni customersi ofi thei businessi entityi werei affectedi byi suchi ani incident.i Iti isi consideredi toi bei
onei ofi thei majori securityi breachi incidentsi everi toi havei takeni placei ini history.i Duei toi thei securityi
breach,i onlinei hackersi werei ablei toi steali thei financiali asi welli asi personali datai ofi customers.i Theyi
werei ablei toi exploiti thei vulnerabilityi pointi ofi onei ofi itsi vendorsi ofi Targeti calledi Fazioi Mechanicali
Services.i Businessi entitiesi thati operatei ini contemporaryi timesi relyi oni thei interneti toi carryi outi theiri
typicali businessi operations.i So,i thei existencei ofi anyi vulnerabilityi ori securityi gapi cani havei ai
detrimentali impacti oni theiri survivali andi sustainabilityi (Driasi eti al.,i 2015).i Ini thei casei ofi thei Targeti
business,i hackersi withi maliciousi intentionsi werei ablei toi exploiti ai vulnerabilityi ofi thei firmi andi geti
theiri handsi oni confidentiali andi sensitivei data.i Theyi hadi goti unauthorizedi accessi toi thei paymenti
cardi data,i whichi affectedi almosti 40i millioni customeri accountsi thati werei involvedi ini debiti andi
crediti cardi purchasei transactionsi ini thei store.i
Target’si awarenessi abouti thei securityi breach
TARGETi CORPORATION
3
Ini Novemberi 2013,i thei securityi operationsi personneli workingi ini Bangalore,i India,i
receivedi ai notificationi thati statedi thati maliciousi activitiesi hadi beeni recordedi ini thei organization’si
network.i Eveni thoughi thei companyi wasi alertedi ofi thei message,i iti didi noti takei anyi measures.i Thei
companyi tooki thei matteri seriouslyi andi startedi conductingi ani investigationi onlyi wheni iti wasi
contactedi byi thei U.S.i Departmenti ofi Justicei abouti ai probablei securityi breach.i Afteri thei
cybersecurityi ofi thei Targeti companyi hadi beeni breached,i thei companyi hadi noti issuedi anyi formali
statementi ori madei anyi disclosuresi toi thei public.i Iti wasi firsti reportedi byi Briani Krebs,i ai Securityi
Journalist.i Sooni afteri thei informationi wasi postedi andi thei generali publici becamei awarei ofi thei
situation,i Targeti issuedi ai publici statementi statingi thati iti wasi awarei ofi ai securityi breachi incidenti
thati hadi affectedi itsi cybersecurityi framework.i i
Impacti ofi thei securityi breachi oni Target’si customers
Thei customersi ofi Targeti werei onei ofi thei chiefi stakeholdersi thati werei seriouslyi affectedi byi
thei cybersecurityi breachi incident.i Thisi isi becausei onlinei hackersi couldi steali aroundi 40i millioni
debiti andi crediti cardi accountsi betweeni Novemberi 27i andi Decemberi 15,i 2013.i Thei customersi thati
werei ati thei receivingi endi ofi thei securityi incidenti werei thei guestsi whoi hadi madei purchasei
transactionsi ini thei U.Si storei usingi theiri crediti ori debiti cards.i Ini additioni toi thei paymenti detailsi
beingi stolen,i thei otheri kindsi ofi informationi ofi thei customersi thati werei stoleni byi onlinei hackersi
includedi theiri names,i phonei numbers,i addresses,i asi welli asi emaili addresses.i Afteri thei incidenti wasi
disclosed,i thei leveli ofi trusti thati customersi hadi ini Targeti wasi shaken.i However,i thei companyi wasi
successfuli ini amendingi thei relationshipi withi them,i andi thei incidenti managementi approachi thati
wasi adoptedi byi thei businessi entityi helpedi Targeti toi regaini thei trusti ofi itsi customersi andi carryi oni
withi itsi businessi operationsi asi ai successfuli retailer.i i
TARGETi CORPORATION
4
Recommendedi securityi controlsi fori preventingi thei datai breachi incidenti
Ai numberi ofi preventivei measuresi couldi havei beeni adoptedi byi thei Targeti businessi toi
preventi suchi ai datai breachi incidenti fromi occurring.i Onei ofi thei maini stepsi thati thei businessi entityi
shouldi havei takeni wasi toi usei intrusioni detectioni andi preventioni toolsi afteri receivingi ani alerti fromi
thei securityi operationsi personneli ini Bangalore.i Instead,i thei companyi failedi toi takei anyi actioni andi
siti oni thei information.i Iti isi essentiali toi respondi promptlyi toi potentiali cybersecurityi breachi
instancesi soi thati thei extenti ofi damagei cani bei curtailedi ini ani effectivei andi efficienti manner.i Thus,i
thei firsti securityi controli thati thei companyi shouldi havei adoptedi wasi usingi effectivei intrusioni
detectioni andi preventioni technologiesi whichi wouldi havei helpedi toi monitori thei networki andi
identifyi anyi maliciousi ori suspiciousi activitiesi withini iti (Azhagirii eti al.,i 2015).i
Sincei thei hackersi werei ablei toi causei thei breachi byi targetingi ai vendori ofi thei business,i
Targeti Corporationi couldi havei segregatedi itsi networki amongi itsi vendorsi soi thati itsi sensitivei
businessi andi customeri informationi wouldi noti bei ati riski becausei ofi thei weaki cybersecurityi
frameworki ofi itsi vendors.i Wagneri hasi identifiedi networki segregationi asi ai usefuli andi effectivei
securityi measurei thati involvesi thei creationi ofi partitionsi withini ai networki (Wagneri eti al.,i 2016).i Byi
adoptingi suchi ai preventivei measure,i Targeti wouldi havei beeni ablei toi restricti thei maliciousi
activitiesi ofi thei onlinei hackers,i andi thei extenti ofi thei damagei couldi havei beeni reduced.i Suchi stepsi
couldi havei actedi asi effectivei securityi controli measuresi thati wouldi havei helpedi Targeti toi preventi
ori reducei thei damagei thati tooki placei becausei ofi thei cybersecurityi breachi incident.
Impacti ofi thei datai breachi ati Targeti oni securityi practicesi ofi Targeti andi otheri companies
Thei datai breachi incidenti involvingi Targeti Corporationi wasi andi isi stilli consideredi toi bei
huge.i Iti noti onlyi alteredi thei securityi practicesi ofi Targeti buti alsoi thati ofi otheri companiesi thati cani
TARGETi CORPORATION
5
becomei victimsi ofi maliciousi cybercriminalsi andi onlinei attackers.i Afteri thei breachi incidenti
occurred,i Targeti tooki ai seriesi ofi stepsi ini orderi toi preventi similari incidentsi fromi recurringi ini thei
futurei andi strengtheni itsi securityi posture.i Fori instance,i iti createdi ai Cyberi Fusioni Centeri andi
offeredi freei crediti cardi monitoringi provisionsi toi itsi customers.i Ini additioni toi takingi thesei
measures,i Targeti Corporationi alsoi implementedi POSi terminalsi byi integratingi chipi readers.i Suchi
stepsi shedi lighti oni thei effortsi thati thei companyi tooki fori strengtheningi itsi securityi frameworki andi
minimizingi thei riski ofi otheri kindsi ofi cybersecurityi attacks.i
Thei securityi frameworki thati wasi adoptedi byi otheri businessi entitiesi wasi alsoi influencedi byi
thei securityi breachi incidenti involvingi thei Targeti business.i Theyi focusedi oni strengtheningi theiri
respectivei cybersecurityi frameworksi soi thati theiri vulnerabilityi ini thei virtuali settingi couldi bei
minimizedi andi onlinei hackersi wouldi havei limitedi scopei toi invadei theiri networks.i Fori instance,i
afteri thei incident,i Walmarti andi Homei Depoti installedi chipi readersi oni theiri respectivei POSi
terminalsi toi havei betteri protectioni againsti individualsi withi maliciousi intent.i Thisi measurei isi
consideredi toi bei usefuli ini minimizingi riski relatingi toi thei thefti ofi paymenti cardi detailsi fromi POSi
systemsi (Adeoti,i 2013).i
References
Adeoti,i O.i O.i (2013).i Challengesi toi thei efficienti usei ofi pointi ofi salei (POS)i terminalsi ini Nigeria.i
Africani Journali ofi Businessi Management,i 7(28),i 2801.
Azhagiri,i M.,i Rajesh,i A.,i &i Karthik,i S.i (2015).i Intrusioni Detectioni andi Preventioni System:i
Technologiesi andi Challenges.i Internationali Journali ofi Computeri Networksi andi
Communicationsi Security,i 3(10),i 384-395.
TARGETi CORPORATION
6
Drias,i Z.,i Serhrouchni,i A.,i &i Vogel,i O.i (2015,i August).i Analysisi ofi cyberi securityi fori industriali
controli systems.i Ini 2015i internationali conferencei oni cyberi securityi ofi smarti cities,i
industriali controli systemi andi communicationsi (ssic)i (pp.i 1-8).i IEEE.
Wagner,i N.,i Şahin,i C.i Ş.,i Winterrose,i M.,i Riordan,i J.,i Pena,i J.,i Hanson,i D.,i &i Streilein,i W.i W.i
(2016,i December).i Towardsi automatedi cyberi decisioni support:i Ai casei studyi oni networki
segmentationi fori security.i Ini 2016i IEEEi Symposiumi Seriesi oni Computationali Intelligencei (SSCI)i
(pp.i 1-10).i IEEE.
Students also viewed