Jennifer Bjorhus reports:
The U.S. Secret Service has called the criminals behind Target Corp.’s monster security breach well-organized, “highly technical” and “sophisticated.”
But cybersecurity firm McAfee Inc. said in a report out Monday that the heist was anything but exotic, describing the attack as a Breach 101 operation.
The thieves used easily modified off-the-shelf malware, common methods to hide the malware inside Target’s point of sale system and didn’t encrypt either the instructions on where to send the stolen card data or the card information itself as it was being transmitted out of Target to a remote server, a data stream that should have been detected and caught, McAfee said in its fourth quarter threats report.
Read more on Star Tribune.