Evaluation of a Vendor's Stolen Credentials Used to Log Into a Server Application

1098 Words Jul 28th, 2015 5 Pages
To assess the situation: a vendor's stolen credentials were used to log into a server application. With the vendor credentials, the hacker was able to evaluate the environment and deploy five versions of the malware. The malware insertions were all disguised as components in the data center. With the Zeus virus deployed, they waited until they could gain access to Active Directory credentials. Once they achieved higher-level credentials, the hackers were able to access the POS system and begin the theft process. The FireEye product and Symantec Endpoint Protection actually detected the malware, and the offshore team became aware and forwarded the information to the Minneapolis security team, where no action occurred.

If the correct framework had been in place, we would have seen security policy administration and security enforcement being applied. The environment had the correct tools to allow the team to evaluate the situation and understand the issue it was facing. The servers needed enforcement of service pack version, firewall, and antivirus. It's hard to say what policies were set for Target's structure. Without proactive audits to confirm the framework, security administration and enforcement are difficult to achieve. With the structuring of a framework, you can then lead into a standard methodology. In an article written by Teresa Pereira and Henrique Santos, "A Security Framework for Audit and Manage Information System Security". With that being said, with the proper framework the article…