Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

  1. Home
  2. Careers-and-certifications
  3. Malware-brought-hannaford-down
  4. Page
  5. Malware Brought Hannaford Down!: Page 2 of 2
Careers and Certifications

Malware Brought Hannaford Down!: Page 2 of 2

It???s been widely reported today that the source of the recent massive credit card theft at the Hannaford and SweetBay grocery chains was a pervasively installed piece of malware. The finding was revealed in a letter from Hannaford general counsel...
randy george
March 29, 2008

At the risk of sounding like a shill for security vendors (I'm not), if I were responsible for the safety of millions of credit card records, the first thing I'd be doing is unleashing a network behavior analysis tool so I can closely watch who's accessing the hosts on my network that hold the sensitive data. With an NBA tool, you can easily detect and report on what hosts your critical servers are talking with at any time, as well as what sort of traffic is being sent. This is the sort of forensic data that you get from tools in the NBA/IDS space, and it's almost a critical tool now for organizations that are holding critical customer or employee data.

This is a reminder to all security admins: DON'T FALL ASLEEP IF YOU'RE RESPONSIBLE FOR THE SECURITY OF CREDIT CARD DATA. Fight for the tools you need to protect your data, because one thing is for sure: If a TJX-like attack happens at your company, management will want to know why you didn't stop it.

Tags:

Commentary
Careers and Certifications