Why Did Target Get Hacked?
A Look at the HVAC/Refrigeration Connection
Almost two months after Target reported a massive data breach that put the personal data of up to 70 million customers at risk, a security researcher has uncovered new details about how the attackers may have gained access to the retailer's network.
KrebsOnSecurity reported that the attackers may have exploited a vulnerability in Target's HVAC (heating, ventilation, and air conditioning) system to gain access to the company's network.
HVAC Systems as Entry Points
The massive Target breach led to revelations that many companies use Internet-connected HVAC systems to remotely monitor and control their buildings' climate.
After drilling down into Target's website, Krebs found a page listing HVAC and refrigeration companies that had worked with the retailer in the past.
Krebs theorized that if one of these companies had been compromised, the attackers could have gained access to Target's HVAC system and used it as an entry point into the company's network.
Exploiting the Lack of Modern Security
The answer is that Target -- like many other organizations that manage a relatively modern store -- relies on third-party vendors to manage its HVAC system.
These vendors often have remote access to the HVAC system in order to troubleshoot problems and perform maintenance.
If one of these vendors is compromised, the attackers could gain access to the HVAC system and use it to launch an attack on the company's network.
This is just one example of how attackers are increasingly exploiting vulnerabilities in third-party systems to gain access to corporate networks.
Organizations need to be aware of these risks and take steps to mitigate them by implementing strong security measures and working with trusted vendors.