Schnucks supermarket chain struggled to find breach that exposed 2.4M cards

Company's experience highlights growing sophistication of attacks, analysts say

By , Computerworld |  Data Protection

Increasingly, attackers have been resorting to techniques like hiding stolen data inside legitimate files and encrypting data to evade detection. "They cloak their malware or hide it within seemingly innocuous files so that it's very difficult to detect," she said.

Existing forensics tools are not good enough at finding these attacks within hours, or even days, she said. "And the network and enterprise security tools are not smart enough to detect the hacking ... when it occurs.

"What's needed, and what some tech startups are working on, is behavioral modeling, base-lining and profiling of all nodes and communication ports in an internal network so that abnormal activity and communications can be detected -- even if the activity is only active a few seconds a week," Litan said.

"Of course this is very difficult to pull off without a lot of false positives and noise in the system, but this is what's needed," she added.

Jim Huguelet, principal of the Huguelet Group LLC, a firm that advises companies on compliance with credit card security standards, said the amount of time it took Schnucks to isolate the cause of the breach is longer than is typical.

"This could indicate that the malware was custom-written for Schnucks' environment or utilized unique techniques to hide its existence," he said.

"The number of cards compromised is significant given the relatively small size of the Schnucks chain and just proves that retailers of all sizes must be diligent in their protection of their payment processing systems," Huguelet said.

Schnucks did not respond to a request for comment.

Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan or subscribe to Jaikumar's RSS feed. His e-mail address is jvijayan@computerworld.com.



Originally published on Computerworld.