|
|
|
Details of Heartland, Hannaford Data Breaches Emerge
By: Brian Prince
2009-08-18
Article Rating:  / 16
There are 5 user comments on this Network Security & Hardware story.
The indictment listing the charges against a 28-year-old Miami man sheds new light on how the government says a group of attackers penetrated the security of Heartland Payment Systems, Hannaford Bros. and 7-Eleven.Roughly seven months after news broke of a breach at Heartland Payment Systems, 28-year-old
Albert Gonzalez was indicted for cracking the company's security.
But to hear authorities tell it, Heartland wasnt the Miami mans only victim. Among the others are 7-Eleven and Hannaford Brothers Co.
With the indictment has come some new information about the data breaches. Gonzalez was indicted along with two unidentified co-conspirators believed to be from Russia.
A fourth individual, identified in the federal indictment only as P.T.,
was not charged in the case but is listed as a co-conspirator.
According to the U.S. Department of Justice, the group used computers
around the globe to stage attacks and store malware and stolen
information. In order to prepare, the group tested the strength of
their malware by putting it up against approximately 20 different
anti-virus programs.
The attack took planning and organization, but ultimately it was done
with relatively common attack techniques, said Rohit Dhamankar,
director of DVLabs at TippingPoint. It just goes to show that even the
most basic type of attack can do serious damage and enterprises need to
be more vigilant about protecting the outward facing portions of their
networks. According to the government, beginning in Oct. 2006, Gonzalez and his partners began researching the credit and debit card systems used by their victims.
Once inside the corporate networks, the gang conducted reconnaissance to
find credit and debit card numbers and other information. The group
used sniffer programs to steal the data, and would communicate via
instant message while attacks were in progress and advise each other as
to how to navigate the corporate networks to find data, authorities
said.
At the time of the Heartland incident, the company processed millions
of credit and debit card transactions daily. Beginning on or about
Dec. 26, 2007 , the company was hit with a SQL injection attack on its corporate
network that resulted in malware being placed on its payment processing
system and the theft of more than 130 million credit and debit card
numbers and corresponding card data.
It was the same story with Hannaford,
which reported a malicious Trojan was programmed to pilfer data from
the magnetic stripe of credit and debit cards being swiped at
Hannaford's checkout counters. This is believed to have happened around
November 2007. The attack led to the compromise of 4.2 million in
credit and debit card numbers and related data.
Before that was 7-Eleven. The chain of convenience stores was hit with a SQL injection attack around August 2007. After swiping the data, they sent the information to computer servers they operated in
California, Illinois, Latvia, the Netherlands and Ukraine.
In addition to these attacks, Gonzalez is currently awaiting trial for his alleged involvement in the
TJXhack, as well as an attack targeting the computers of the Dave & Buster's restaurant chain in New York.
The fact that some, if not all, of the companies were PCI
DSScompliant before
the attacks sparked questions about efficacy of PCI regulations. Steve
Dauber, vice president of marketing at RedSeal, noted that PCI audits
are only the beginning.
PCI is actually
a pretty reasonable set of basic security recommendations, he said.
The problem is that businesses mistake passing a PCI audit with being
PCI compliant. Audits arent comprehensive by nature they will
never catch every potential error in implementation. More importantly,
audits occur at a point in time, but your IT infrastructure changes
constantly. So even if you do pass your audit, you may fall out
of compliance the next week. If you want to benefit from PCI, you
need to maintain compliance both comprehensively and continuously.
 |
|
|
�������x}r8vD�ZӮ��Y:dK.kʶ<<ձ�
$)CR>w^3/ϸ�x$�ߔ+ʖ�0�$B"λ�$i9cr3ݩk��j.w߽�!�[f8�TEK�]ߤ~�Am;t� =4mzNHB��~}@~cfw��D%x�_'Щ�ѩ�wɄZIX��Qߕ>}~qlv��.pvLQ�m�x�uGѦ�%Cx�Gu)tC(D�HږyD6�EG�J��ߣ*C7�ݩx8/DeO�ɾy5E�hDԤ#|xB'g�xGd�Y���
(ƻ�fՉziZg돇dh-vuI
CuaOG�Puh3hm�Ea�ij|�Tݯ�(�G}`[BUzEÝ|k7�~+�U�w9*�GA
�n+p[N�^v�Sq9}r>?'��7��;A:���;YHL~#/@Dr V*4MD��&-ā�P� u/jzQҏ[F-_ ��4E;J
KHS�=
(����N,� �wlji_Wם^'gם)7b٘XC�ji@��$�m�vD�,�Eisiڟ:'�gw�:�R��ڟ�+̊/k*~k
p�6O{uH0��`kh�`c��RV>H�?'Wm2 ᭫�Rdt"˭~qN���X(-t[ۗ�RH3}c-? ,�_��0f��k���$LJo$SE@;-�u���0 K:���YK�7B��S��_?g]p�� a6z�@Lt�\� ��Q�C|dMi�l&XJp?�є=m̗W/b`(AK/g
ڊ�5z:�]V4y3D�ɝ g��/3�/�r.i }��h8y�WTWws
iz�t49;�G].7Du,.Ⱥ*s5ͷwf�t_wθqn?^[wսuEkoU�yƆƇ�i9",$��uu\StԪt�^J�jE@U~^�q�-Aqb2B��c�=&M:gvX�Y8��`���;}JwϧԴfPwӈ<�:�M�/�G˥qf1�@�
L�na� �p�w�>-Fv93�{Q �{>�0i��CkJ�^�D$�״
�l"�&q���3)к`�&oAY@[SaP�#[ҽ�:z��?@���6
=���2/?>�fCxwݐ�,P�}��@=XS9;ݲeǀԜ��:0$w2R}#9n.O)))?�]Pv9�DB�
B�!B��0 H�# P
�� a��\.3=�ry !sw�rvn �{T�Kh+�K@f:32YIFMf�
X�*ȉ#�o"0�9X����
,gZ
X�+%Ƽ
ri��|:ioB{4��08B�d�p=YI�����& C
IK,[t
�t�?{\
g!7!q"�%`|fX�4К3=PA\^�X�P�L;Jm(tsj9`XƄWjP�~�A-���QM{luV<ۢfA�8-v��k2��JE�'6`�FTTMZ|!||=Ꭴm[_4�@>|�zS.z8؍8�r!�O5kb�$�`C�O
�<<�Ey�5cuɕe.F�iJ�W2%1�8�FL�yG
('��wJFJ��V�!zh'Nы>Eg�plYUo)�,^Օpz9(�:R�j'/�"oh��m_yʠ�uiLGy��-B�� IHf�(XKKe�zlx8$&lE2L�E�6���pZ#�7l{`(`\Re`�}dҶ��F*ZYSj25�k-l!�1ȁ2(鿙��Ȩ؊-
Yj6<:O\�Ѓ�y~o�2er���,��p6X!2DM AB\�
ˀ9\G&fF�- ��o+_ ���%�1tJ�]qY3:/�{ŅaWlJs�k4GuM8@oE�"}a`N4S�
Ȳ`z`ُ�IA̫eU��+P�+e �Ӹ�csMD@�g�2,�rGmA�uN֝G��4=�Zj\X,��>9��Wa�R9�>
U�T !őOT׃REah�(j^p��1,4�ra,1 D��R�5V2Swh�u{�T*j�PzNIQ*)��kMxg��9oLq3
�iȐ0ҁq�_HE"}�[+pp����\���U.)L0�:J�J�+�,X�8���:T�#;4⦼6t�W݂�bIuI B�M!RB�3�]==1���"~`{t&UkR_�ѾZVQ+g7�#UFQX��5`�w4�'�7~�2Msg`@o(��g-%W#㓏�.V+p #.Z$ c`W��. _�@X5�ܧ�i
~i?A}�l#�e{�
$$�MU���pnp{��E�@�=F&: pB��E���Ms�-�"z@z�zκԲ'��5&3`���3?Q�<�a�SF]S؇Qgm/ R=TʞuZu^��_mpH1�)dQ@4D=]ZRk1*@G�7�kk���e3Vi�V))�^%�f�2АjwV0o\,_qm(}�g^�L̺>~W2É"9EYۏ6Wb�=>`
Dq+p½�
b/^�W9.^٤�ĈϋhwyUM+ۜa2"(�ʇF�s�euU�lʬ.n>{r
9O U�jY GqS�V3On�Uc�*|�z�:vi0v-0\=>w"qD d��넱Ŏ|�@�"q)(/9
�.KU`��ҖMЋF(+4�9aؠGsHoR1�0���Vow�!+.��k�R�RV*�X\5@VN^A
ұg�/@C׳@g.lLqD��G�TUe@5yģT1#j_��HV�mZ\�4�wmo�j&l�ĞM#2��OR
(KY�,a�T+
~sũ�Z�kRS+GFXT9K=XT\S=@�z}ݤ1�pS
FU H҇>rS->j4�JRU-+)1Co���J�9MLt�M� B �L%KB?ͥ�5?cDN@�B�9�@�BG��YI�{QG Cn7�")@^�ؔ:z�ie�biw�:Λ+��v̼uُ~�vgCX�viW$#�V�*J7eVVځ*NjV$,< ?��>{d,j�LGI<^��&.rOf�WW\����ϸ_A|����/͆Re_AkrR8~G+a.�ra&�5��Wj�jy�>ear UN7�.�_Tj
Q�*�s>P�|�kɷ0�6njK�<:��+Aנn)ɡ$ |ïʍ�D@7wZTa�W&#w991u?|{qqwo�zՔݷG S�
L��$T��!C�h/nL00:O6i�O(JQwge_:m^t?�1���?�N��[:N�;QAV�vи:@C�~:?�I˖Թhoy,M�dz�NR(����1>dt+]=^5[{隿F�=;o ���ŧ��r��E}R|{юy-{w[Or��KC,�F�!zNfS �k3d8)@xdqH�/=�^q@ڊ�
�ҽn9`\0c-MgBpS�E0V�y8a{6,yy~U���kq� ~�Cd��x��AQ���5@�KLF:TrVfp=6"��Bt�X�1u�e�Ec)#Q\(�k4>^79Q19l67 FGWE'K;z-g[I7S+d$
#?]/8�
݃�ϟ"�VZǭZO{GH$�y�
?9/w�b�B48c��n1�KP .Mu?Ro�2MĔ�yk�.NE i =O��?quσx1èQ�LwSa�$-zdeۆnKlx8e9)�Mz.�p��|Lj+'iZVӼ�6X(��4%�44ҁO�CYB*d7'�һj^npV�Pto6_xvImK$gQt>fKEҊ�P�k��Ib�-�g��+y--E#]}+
iǂa|x"��R̅)�Oc��x��9$gE_A>?u��T%ݝ:V8�8F�ʳ�ƍp'a�wʜW#�}`Z/
?�Y
.�k ��v��g>&k��>�ɘӍ A�0n�sBk;G�R��v0&xl&�4�-�EWy'("Kx^�~4qXx2u|SUkͰ"ˀ"�3��;-�!.I߾&3�
�#A�ɼ��}g��7o�m�T�=e>d>IАYc=ty8!�-_^:ݷ2ߓ�̆{_J'ok v'ۻw�}ۖq*ApC<3�Ҁ�I1$�ZQVP�**s攤˞�v�X�Њ�&�b�`@Ɍ7#Gz���f}#uoo=ȥ��֛݅q=*A�#'�껌�wUGGpSxw6{ZeeQJ=�;qM@kjyJR�-3����xL 6;w1�t`��A�AXŀ0!h7�\#9S1Aid=h�l|n�wcLRx666�y��) h4RwV`/�lf8�W
��VN��
6��V8E�)�W_7zkV�$G3촎7��_7c\PFD+�
|�oQ�{ζFY~lOӪ�,��3J:U);Ljjp&yT�tIt+NNn�%!�) ԡ
LKivjm|pd��ثb2ƐޅIDŽ]j:$۞ǎ=&�U
zjbO�!�B6)���AsIοRyi9jHԣS��kxe��baQEh�1yr,��e$#��� Jc 8�ܖTTIS6%J/tmd & 8Pݓ\�P�J<ݸT;Pj<3������:&fIA'�EY/x-�4�Yy�+qtL$-s 1Us�ʱ��a �~��@|rl'ֆllZs+RIJIR�6%ꋓJ�'R_�ּR�)` *J@!�P�"���}]裁o:Ɔ��/"U4ò+v �+�TG�/.�����*5|_p">_%g�Tmv c�t�TIGjzR�0&�ڀ<��]['��PR1���SK[[!F
B{-h)�*]})'d>)X �v�~7ֹ�^cm
\IĮV�nhlЈLG}�S ɨ�_H6��� @$�"I r�@_�Y
ˋ0x���z O}�p)0��_%D
ڝ���̺Q76!�_M��e̜{�ǜ�RRYȥ^H`@c_1sE@SqΠ~ŚhWSOL�6�sc^�FD\�ӣQf9x!Ib;zVӌ�|!yx�bcM
'�1�^e�5+L�J͡;ԟ\:W �<|L O:-'#�cnl\u��Ǹ~"~"~"~"~"nE,Wj僯͋�S��ƹh���G8ax��^ٰ~ńDw�܈�Z/��R/2h�Y?Qx�lq@j X=썴C���'vŖժ4V|i���4`K7C�E{̳L ous�?J 0�a�oMW3O�y�;fu5-ܮC�S��J`Х>� t0<�y_6��H�@'�����#���>V~
B"\<��'yMAb)m8x"&ރH'jYZWɄ�!� �I@9$�00�T"!�룐3m5v_ߍ&r���.B_nfĵm}�euS:Nt�9�5\9@a!FE&%>b�lS#�M0UVTQx�$Yt]��$?�i�3Qx>/*Lb=zRG,�S
62s����$��Wg8\@O��脗ݽ]Ŝ3\`L����'|-^O/Em/`h2|
1���1[TSvXf 187�B%'IX1L6�[�`63���~ΟOR!g@%UX6\ ��0>6-��l�oX+U+sZԎi�E=4!Cu_�ZӔVW,�,E܍! =��9斺\=GieZ{cq;kF^.kZ%3ۏi��
T`�N�!0L\|\>PP.%(7_$-�s� � �<�z9~Z2ۍ��|{Xq��gB\�p� ʖ�k_�H
=� n�HX#�NgNtĎ}NL톫$õ6�n�O4fOs��-g:wC"0O�~msΩ 3r1�n%'{�+L66�mYU)7g%;ڹcavC��,�d��>b-ݱ=�rTr%b�?�K)m#Va�%|�#�$#�oDYa�B��G�L��m�jJGh5V�hd�ti2*5����Sx�cD��U<�1�1t#gfɝ7�g�j�ٽ[!ʃVSv�ru
ZS�_�D@�_�tq֦!�ˢ��so¨`*à��MI٫TT~���h�:��^hTJu
/Ua�|$w�{.�̥7b?= .θ��9��ǃ""a=X@2>n�de�Hd&4]Y�Uc�`�xyM!�FF�=4;};o�zxX�2dG��k�`Gv?0L�2
b�T=9�̃:$�.+JAW�d��:,�|e1q*V�ZC8
ܰJ7�o8g+H0ג r)؇c*|k7�/{ʁ.BTw.sOaH��P=S!bX"1eZ1ֈ�Q(Җpx4>>_ziJ1%\��\AA�cs}��/6"))ĴF#1C�LD:5,ǰgL#|M�t�lCcн8y|v��#0G[/b �6C��;b<1#bH�c��Q�%�,�A�S�"��F2���Ƃ![CP/Rfjs# a/x�a 3��s�``EPf00��apLo?ѧQXO^N��@ S+�f)�u
n9
:W�eOLg�>�{:Y��Qں9�P)lkIߢԲQq{sپ\�S�cal\_dj(�,Ǜ,# rzټh3;eFq*M1B*r<�MO|?_)Qe3̋, qW~4A�̔�7[vc+�txu3�_,�^w��
>r:X)`�чzQc r��!>'}ҽl��IJ/6ρ�s?@_k(^]~�JmwS_]��9'P~�s9�?.?��gViC:9CL2�^S�?.?�9A5.r�3���{�E�~.`�9�ȡ�ϋ�D��'(S~�g9_@EN9e^�\%euݜwAtsO�K7G\�}\�5u�``9�cuG9 ?>�S�n&�&~oonr/$)G�Ay3ϚWpz~;}sS^.4s\�y~�)�P9�P#*
���z2*�ϕRW��~�>'{'sg#�I^W�Kͮ0TntKT앆cn5:�v��^_�a=^*��B8D�Cw_a��ɡ1z�I�<���vڢ{&��|t9pùA|3v1X90l��H͆Re_*V+rR8~G+F$ô���{)&0#&_4v�X���%�QP�e��h�[i2�oVS�y�Vi8�n[�C#DK(��x�>�[xAcE2~�_ԃm\fH��6T<�'U~ m'<�@���7����5v�;�SŨЫِ@�F��3��7:�/r�hؐCs9N-#E� N>�@ϦL6�Y&5$W�"�7�6@��
C�!,�x
uY<���X!W��KgD��|&)=tφ�E!
�U/ADZe]+��3˸ [2dZ jXJr�
9;�M-�˃ޛ#>sdN�r9=bՇ�<0
;��V�sa/Ir�o��p�1�q�6`:}|�f`$->X�v;n^X�Wm�O>��QdhcЁx^�I�1�Hm7gBoaXkt J7B��g���g-1�L=-i�o�B�6$a�B�S@e8>�cc>mTώ�;]:�5
�uu;��/T��3��l}?i
�fL~Ʈj.'%x^�3�8ty'0OF�<#FOb\v�BaIgL�Xb���='�̄�8B:L
%|�X�%�i3}��@ =(
of4
%`y��@4�4{W25q�얢e��.nD!a�^o1n)/$�&@
S�ֹ�Gm;qSr2VM����Qm`%ন-N \51Ȟg|NtߌI\3Qa[O]%{B7V0*
�܋;ξ�V�^f#9uOUt�g)�dt̅ea�ԐdZμ2?g'
Q\�F$�30(�y�
l����m5G0X�1+ ���RGQf7}OA '�Ɣ
ϰ"�- s�Wm��xDx^N\"?�H=8��d+KW̵1%X^5�E�l߁*�:c�AH>aH�b�V\3|7Z�О3q7C'
Sg�a+c~,Km)胇�Ƚoz�^ɴ�ju�X��XC *f"�Q�}��v,:~vҎ�.3J�bq')iwޟ��tϻ X�ںqK'�_w?^Hђ�uv��J]5[tEg_0�m\}!l6�n&_��!�?[eUUSA$7}M1�ec*@ٯ6vFًᷞQJ�6lS2u̹D5^JC\rbX>էr09d֊��MMn3a-dcˤ_�l)��
|
Network Security & Hardware 
