Case study on Home Depot
Analyzing the case study and identifying the technique that the attacker used to cause the data breach.
Millions of customers use their payment cards for transactions. Cybercriminals steal this information and sell payment card information on the darknet. They steal data from customers' computers by using spyware or remote administration malware. “Malware” refers to harmful software, such as viruses and ransomware. Once malware enters a computer, it takes control of the machine, monitoring actions and activities and silently sending confidential data from the computer to the attackers (Boes & Leukfeldt, 2017, pp 190). Attackers use a variety of methods to get malware onto the user's computer, but at some stage it often requires the user to take some action to install the malware. This can include clicking a link to download a file, or opening an attachment that looks harmless, like a Word document or PDF, but has a malware installer hidden within.
The common malware infection methods are compromising servers and workstations by accessing a targeted system through vulnerabilities, social engineering, or brute-forced passwords; planting malicious software on victims' devices via infected websites; and sending malicious attachments or links by email (Gercke 2016, pp 40). The main objective of malware is to extract data from the user’s computer. Attackers continue to innovate in the social engineering space, developing new methods to manipulate customers into believing a message, link, or attachment is from a trusted source, and then infecting targeted systems with malware, stealing money, or accessing confidential information (Boes & Leukfeldt, 2017, pp 190).
Hacking, meaning the exploitation of vulnerabilities in software and hardware, is one of the common attack techniques. Such attacks mostly cause damage to colleges, governments, banks, and cryptocurrency platforms (Jenkins, Anandarajan, and D'Ovidio, 2014, pp 345). Attackers can extort website operators for profit, sometimes by threatening to steal client databases or shut down the website.
Hackers use DNS hijacking to infect the computer system so that internet queries are redirected to a domain name server controlled by the hackers. This is a version of domain name theft; the intent is to steal web traffic or financial information via false “enter payment information” pages, or to trick web users into downloading malware. In a similar technique, malware loads a legitimate-looking page on the victim’s computer to steal data that the user inputs or to send the user to a website page that the hacker controls.
Critically evaluate the case study and discuss what security procedures were missing, which allowed the attacker to exploit the vulnerabilities
There are many loopholes through which attackers exploit vulnerabilities. On the internet, nothing is safe from attackers, and they use many different ways to hack computers and systems. First of all, we have to know what a vulnerability is. A computer system vulnerability is a weakness in a computer system or network that could be exploited by a hacker to cause damage or to manipulate the system. The way a system vulnerability is exploited depends on the nature of the vulnerability and the motivations of the hackers. A vulnerability can exist because of the unanticipated interactions of different software, sites, and system components. Malware is in use all the time. It is important to know that many “new” malware files are simply reuses of older malware programs that have been altered just enough to make them unrecognizable to antivirus programs.
Every year, many different kinds of malware are created and used, each one affecting the target’s systems differently.
Ransomware - This malicious software is designed to encrypt the victim’s data storage drives, rendering them inaccessible to the owner. An ultimatum is then delivered, demanding payment in return for the encryption key (Sen and Borle, 2015, pp 320). If the ransom demand isn’t met, the key will be deleted and the data lost forever with it.
Trojans - This refers to a kind of delivery system for malware. A Trojan is any piece of malware that masquerades as a legitimate program to trick victims into installing it on their systems (Yar & Steinmetz, 2019, pp 153). Trojans can do a lot of damage because they slip behind your outermost network security defences by posing as something harmless.
Worms - Worms are programs that can self-replicate and spread through a variety of means, such as emails. Once on a system, the worm will search for some form of contacts database or file-sharing system and send itself out as an attachment (Ponemon, 2009, pp 2008). When in email form, the attachment is part of an email that looks like it’s from the person whose computer was compromised.
Basic antivirus can protect against some malware, but a multi-layered security solution that uses antivirus, deep-packet inspection firewalls, intrusion detection systems (IDSs), email virus scanners, and employee awareness training is needed to provide optimal protection (Weiss and Miller, 2015, pp 67).
With so much malware looking to exploit the same few vulnerabilities time and time again, one of the biggest risks a business can take is failing to patch those vulnerabilities once they are known. Updating is a nuisance to most users. However, it is a “nuisance” that could save untold amounts of time, money, and system loss later.
There is a way to keep accepting traditional magnetic-stripe credit cards while still protecting card data. This method is called point-to-point encryption. It encrypts card data at the point of swipe and keeps it encrypted all the way to the bank for approval or denial of the transaction.
Assess the Home Depot situation against the risk of a security breach. Identify and discuss the technological weaknesses that resulted in a breach of data.
The Home Depot data breach was not the first of its kind. Earlier, in 2013, the Target breach was the biggest data breach in the retail industry, with the credit card details of 40 million customers compromised. Home Depot should therefore have been cognizant of the consequences of a data breach, learnt from the Target breach, and rectified its own weaknesses.
Instead, exactly a year later, Home Depot surpassed Target, with 56 million card details compromised. Home Depot made some serious mistakes in managing its business, which ultimately led to a data breach on such a large scale.
One of the main reasons for the data breach was technological weakness in the Home Depot system. Below are some points which explain the technological weaknesses of Home Depot and what exactly went wrong:
The attackers infiltrated the POS networks and gained unauthorized access to the Home Depot vendor environment using a 3rd party vendor's login credentials, which ultimately led to access to the Home Depot corporate environment. Once the hackers were inside the corporate environment, disaster followed.
Vulnerabilities in the Windows operating system software, caused by outdated technology, contributed to the disaster.
There was no secure configuration of the software and hardware in the POS terminals: the terminals did not have their own restricted VLAN (virtual local area network), and access between the POS and the Home Depot corporate environment was not restricted.
There was no segregation of the POS and corporate networks, which is one of the most important reasons the hackers were able to get access.
There was no vulnerability management program to detect and report technological weaknesses or vulnerabilities, so the company was not cognizant of the problems looming over it. A vulnerability management program would have ensured that the problems were assessed by the company beforehand, reducing the extent of the damage.
The technology was very outdated, which prevented the use of P2P encryption, antivirus, and many other applications that would have helped Home Depot protect the POS systems from hacking.
SEP (Symantec Endpoint Protection) was installed in the Home Depot environment. SEP is an antivirus which works as a HIPS (host intrusion prevention system), but an important SEP feature known as “Network Threat Protection” was not turned on (Ponemon, 2016, pp 132).
The method by which the details of 56 million cards were stolen is known as memory scraping malware. The malware is able to copy card details from RAM. Once the attackers were able to enter the Home Depot corporate environment, the memory scraping malware was installed and the data was stolen. The stolen data was then used in large phishing campaigns.
There were a host of reasons which led to this catastrophic situation, which affected the financial health of the company along with its intangible metrics (goodwill).
By considering the technical weaknesses (task 3), recommend the best security practices to prevent the data breaches in the retail industry.
Over the last few years the retail industry has been hit hard by data breaches, which have affected companies and customers financially as well. It is therefore the need of the hour to mitigate the risk associated with data breaches.
Recent data breach incidents have left the payment cards of millions of customers compromised, which is causing apprehension. It is advisable for all companies to be cognizant of the matter and to react as fast as possible, before any mishap reaches them.
Since those major breaches, companies have been cognizant of the consequences they may face, so they are making considerable strides in improving their overall security. However, retail and consumer companies are often novices that lack the expertise and resources necessary to perform a comprehensive assessment, which leads to vulnerabilities in their security plans.
Therefore we have collated some important measures or best security practices that a company in the retail industry should consider:
Investment in the company’s cyber security efforts - companies should invest more in cyber security to prevent data breaches by putting into practice standards and guidelines for securing payment methods and controlling 3rd party providers.
Usage of secure payment channels - customer payment information is the most crucial and most relevant data, and thus it is targeted the most. To prevent the leakage of customer data, many businesses in the world are following Europe’s example and beginning to accept EMV chip cards or payment cards which use point-to-point encryption, together with next-generation firewalls, to secure the data and prevent fraud and stolen information.
Implementation of a security plan for 3rd party vendors - one of the most salient reasons for data breaches is 3rd party vendors, so 3rd party vendor assessment has become very important for every business. Vendors should be assessed on a frequent basis to determine their security status. Often companies don’t have adequate time, resources, and expertise to conduct vendor assessments, so they tend to become complacent and ignore the importance of assessing 3rd party vendors. Therefore companies should hire professionals and delegate the work to them so that they can focus on their core services or core business.
Determine the company’s overall security posture with a security assessment - data breaches occur due to hacking or malware. So it is important to hire professionals to detect breaches and rectify the loopholes within the system, as loopholes in the system can be remediated but public opinion cannot.
Network segregation between corporate network and POS network - once unauthorized access has been gained, “ZONING” or network segmentation will mitigate further intrusion and limit further lateral movement, thus mitigating the threat to a great extent (Weishäupl, Yasasin, and Schryen, 2018, pp 813).
Password and account policies - passwords on POS systems should be extremely strong.
Upgrading the operating system - companies should be proactive in upgrading their operating systems. Historical data suggests that companies with outdated operating systems are more prone to data breaches and have suffered the most, as they were not able to upgrade.
The above points give an overview of how to mitigate the risk of data breaches and how to protect the company's reputation as well. The implementation may take some time, should be done in a phased manner, and may even seem costly, but we should always strive for the sustainable growth of a company and look to the future.
We can assure you that the implementation of the above measures will definitely reduce the threat to a great extent, as data breaches can be remediated but public opinion cannot.
Analyze and suggest suitable mitigation techniques specifically to the Home Depot to protect against the same type of data breach.
The Target breach was the largest breach in the history of data breaches until Home Depot happened. As per the data, a total of 56 million customer payment cards were compromised, which surpassed the tally of 40 million in the Target breach.
So what exactly went wrong?
We should always learn from others' mistakes, but Home Depot was not cognizant of the consequences, or maybe did not take them seriously. It is therefore advisable not to repeat the mistakes and to embrace some changes to mitigate data breaches of a similar scale in the foreseeable future.
Therefore we have studied and analyzed the case study and noted some important points or techniques to mitigate the same type of data breach:
Network threat protection - Home Depot did have Symantec Endpoint Protection, which is an antivirus, in their system but had forgotten to turn on the option “Network Threat Protection”. Symantec Endpoint Protection acts as a host intrusion prevention system. HIPS (host intrusion prevention system) is an approach to security that relies on 3rd party software tools to detect and prevent malicious activities.
P2P encryption - P2P encryption allows enterprises to create secure communication links with devices containing sensitive information. It eases security efforts to a great extent and helps prevent exposure of sensitive information as well (Kamat, et al. 2018, pp 250). This protects the cards from various attacks, like eavesdropping by unauthorized devices and malware infections in the POS terminals.
Network segmentation between the Home Depot corporate network and POS network - once unauthorized access has been gained, “ZONING” or network segmentation will mitigate further intrusion and limit further lateral movement, thus mitigating the threat to a great extent.
POS (point of sale) with restricted VLAN and restricted access - restricted access will make it harder for hackers to gain unauthorized access to the system, thus securing the line. Disabling all unnecessary ports and services on POS terminals will help to a great extent to mitigate the chances of a data breach (Manworren, Letwat and Daily, 2016, pp 262).
USB ports - there should be only one USB port, with the others disabled, and software should be installed on the device to track or send an alert when the USB port has been used and for which purpose (Shu, et al. 2017, pp 54).
Implementation of the security plan for 3rd party vendors - one of the most salient reasons for data breaches is 3rd party vendors, so 3rd party vendor assessment has become very important for every business. Vendors should be assessed on a frequent basis to determine their security status. Often companies don’t have adequate time, resources, and expertise to conduct vendor assessments, so they tend to become complacent and ignore the importance of assessing 3rd party vendors. Therefore companies should hire professionals and delegate the work to them so that they can focus on their core services or core business.
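The segmentation and restricted-VLAN measures above can be verified against observed traffic rather than assumed from the network design. The following Python sketch is an added example, not part of the original case study and not Home Depot's tooling; the subnets, the allowlist and the flow records are constructed assumptions.

```python
import ipaddress

# Assumed address plan, constructed for this example (not Home Depot's real one).
POS_NET = ipaddress.ip_network("10.20.0.0/24")    # restricted POS VLAN
CORP_NET = ipaddress.ip_network("10.10.0.0/16")   # corporate network

# The only flows allowed to cross the POS boundary: (src, dst, proto, dport).
ALLOWED = [
    (POS_NET, ipaddress.ip_network("10.30.0.5/32"), "tcp", 443),   # payment gateway
    (ipaddress.ip_network("10.10.5.10/32"), POS_NET, "tcp", 22),   # patching jump host
]

# Constructed flow records in the form "src dst proto dport".
SAMPLE_FLOWS = """\
10.20.0.14 10.30.0.5 tcp 443
10.10.5.10 10.20.0.14 tcp 22
10.10.44.7 10.20.0.14 tcp 445
10.20.0.14 10.20.0.15 tcp 8080
10.20.0.31 203.0.113.50 tcp 21
10.10.44.7 10.10.2.2 tcp 389
bad line
"""

def parse_flow(line):
    """Return (src, dst, proto, dport), or None if the record is malformed."""
    parts = line.split()
    if len(parts) != 4:
        return None
    try:
        return (ipaddress.ip_address(parts[0]), ipaddress.ip_address(parts[1]),
                parts[2].lower(), int(parts[3]))
    except ValueError:
        return None

def classify(src, dst, proto, dport):
    """Return None for a permitted flow, otherwise a violation label."""
    src_pos, dst_pos = src in POS_NET, dst in POS_NET
    if src_pos == dst_pos:
        return None  # stays inside the POS VLAN or never touches it
    for a_src, a_dst, a_proto, a_port in ALLOWED:
        if src in a_src and dst in a_dst and (proto, dport) == (a_proto, a_port):
            return None
    if dst_pos:
        return "corporate-to-pos" if src in CORP_NET else "external-to-pos"
    return "pos-egress"

def audit(text):
    """Return (violations, malformed_count) for a block of flow records."""
    violations, malformed = [], 0
    for line in text.splitlines():
        if not line.strip():
            continue
        flow = parse_flow(line)
        if flow is None:
            malformed += 1  # count unparseable records rather than drop them silently
            continue
        label = classify(*flow)
        if label:
            violations.append((label, str(flow[0]), str(flow[1]), flow[3]))
    return violations, malformed

if __name__ == "__main__":
    found, bad = audit(SAMPLE_FLOWS)
    print(*found, f"malformed records: {bad}", sep="\n")
```

On the sample data the audit reports a corporate workstation reaching a POS terminal over SMB and a POS terminal sending FTP traffic to an outside address, the two kinds of boundary crossing that segmentation is meant to block.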
Identify and recommend new security technologies which can allow Home Depot to upgrade its existing payment card systems.
The advent of new technology and customers' declining patience for waiting have led to various disruptive payment options. Retailers are now investing more than ever in technological advancements. The new modes of payment will reduce the time between entering a store and leaving it satisfied, which in turn will definitely increase customer satisfaction. Thus companies are striving to leverage technological advancements in customer interaction.
There are certain methods by which the retail industry can give a customer a whole new experience with full customer satisfaction:
Contactless payments: This is a secure payment method using a credit, debit, or other smart card with RFID technology (radio frequency identification) or near field communication (Perlroth, 2014, pp 121). Contactless payments have been growing rapidly across the globe. The implementation has been phased in many countries, as it requires educating customers about its advantages and disadvantages. More than an additional payment option, it provides the customer a different level of experience, as it requires very few steps between entering a store and leaving satisfied.
Mobile payments: Incorporating mobile payment options is becoming a necessity for retailers, as it is being demanded by many customers. As people always carry mobile phones, it is very easy for them, since they don’t have to carry a card just to make a payment. Mobile payments are also very fast, as they just require a scan and entering the amount. This will make payments faster, let customers leave the store faster, and give a more positive in-store experience.
Biometrics: This is one of the most disruptive payment methods, as we can make a payment just by scanning our hands (Silverman, 2016, pp 185). Consumers are becoming more comfortable with fingerprint scanning and facial recognition. The popularity of biometrics is gaining traction, and this trend will continue.
This payment method would definitely disrupt the traditional methods, but it comes with its inherent risks as well.
In conclusion, the case study shows that in this ever-changing world everyone should embrace technological change. What is relevant now might not be relevant after 5 years. Everyone should be flexible and open to learning. There can never be absolute assurance that a single technology will be free from glitches or that hackers will not be able to hack the system. They will definitely find their own way, but we should keep a check on our systems to mitigate the risk of being exposed.
References
Boes, S., & Leukfeldt, E. R. (2017). Fighting cybercrime: A joint effort. In Cyber-Physical Security (pp. 185-203). Springer, Cham.
Gercke, M., 2016. Understanding cybercrime: a guide for developing countries.
Jenkins, A., Anandarajan, M., and D'Ovidio, R., 2014. ‘All that glitters is not gold’: The role of impression management in data breach notification. Western Journal of Communication, 78(3), pp.337-357.
Kamat, P., Gautam, A. S., Tavares, J., Mishra, B., Kumar, R., Zaman, N., & Khari, M. (2018). Recent trends in the era of cybercrime and the measures to control them. Handbook of e-business security, 243-258.
Manworren, N., Letwat, J. and Daily, O., 2016. Why you should care about the Target data breach. Business Horizons, 59(3), pp.257-266.
Perlroth, N., 2014. Home Depot data breach could be the largest yet. The New York Times.
Ponemon Institute, 2016. 2016 cost of data breach study: Global analysis.
Ponemon, L., 2009. Fourth annual US cost of data breach study. Ponemon Institute, sponsored by PGP Corporation. Retrieved January, 31(2010), pp.2008-2009.
Sen, R. and Borle, S., 2015. Estimating the contextual risk of the data breach: An empirical approach. Journal of Management Information Systems, 32(2), pp.314-341.
Shu, X., Tian, K., Ciambrone, A. and Yao, D., 2017. Breaking the target: An analysis of target data breach and lessons learned. arXiv preprint arXiv:1701.04940.
Silverman, D.L., 2016. Developments in data security breach liability. Bus. Law., 72, p.185.
Weishäupl, E., Yasasin, E. and Schryen, G., 2018. Information security investments: An exploratory multiple case study on decision-making, evaluation, and learning. Computers & Security, 77, pp.807-823.
Weiss, N.E. and Miller, R.S., 2015, February. The target and other financial data breaches: Frequently asked questions. In Congressional Research Service, Prepared for Members and Committees of Congress February (Vol. 4, p. 2015).
Yar, M., & Steinmetz, K. F. (2019). Cybercrime and society. SAGE Publications Limited.