What would you say is worse than being hacked? My answer is “not knowing” who hacked you. Without having any idea of From where, By whom or Why, some companies have trouble even determining what was stolen when today’s pirates only copy the information and leave it in place. I have coined these types of attacks as “in-place attacks!” These are hacks where the target does not even know anything is missing so no security measures are taken after the fact.
For example, someone takes your wallet out of your jacket at a party. They copy your credit card and address from your driver’s license. They then return everything back to your coat pocket without you knowing that it was ever missing. Your account could be wiped out without you even knowing you were robbed.
In the case of Target being hacked, authorities are now still trying to figure out who hacked the large retailer. A 17 year old? The Russian mob? They have figured out the how. They know the why. They almost know the location from which it was done. But there are still many questions that remain. Was that the only intrusion? Are there other access points? Are they safe now? The fact that the Target stock price has yet to regain its strength demonstrates that consumers are wondering the same thing.
As embarrassing as this incident is for Target, it gives businesses today a “heads up.” How secure is your online commerce site? Do you truly have a grasp on your vulnerabilities? When was the last time you had a 3rd party assessment done, end to end? Have you securely closed all of your “windows and doors” in your infrastructure? How long would it take you to know that you were a victim of an in-place attack?
At TxMQ we have specific skills on governance, security and eCommerce that will allow you to build a new system or “harden” an existing one. We also offer assessment services where we can help you identify current gaps.
What do you think?
TxMQ: Learn more!