Close
  • Latest News
  • Artificial Intelligence
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Artificial Intelligence
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Applications
    • Applications
    • Cybersecurity

    TJX Intruders Sought Any Wireless Port In A Storm

    By
    Evan Schuman
    -
    May 7, 2007
    Share
    Facebook
    Twitter
    Linkedin

      Throughout the five-month public history of the TJX data breach fallout, the industry has repeatedly tried to simplify it, to label one cause as the explanation, whether it was incompetent IT execution, an inside job, an open wireless port or some other clean explanation.

      But the TJX situation is complex, complicated and defies a simple explanation, just as their intruders were a lot more sophisticated, creative, relentless, daring and professional than anyone in the industry wants to believe.

      On Friday, the Wall Street Journal reported the TJX data breach started with a wireless break in at a Minnesota Marshalls. The story went into remarkable detail about intercepted communications between wireless price-checking handheld units “during peak sales periods to capture lots of data.”

      The Journal reported that the cyber thieves then “used that data to crack the encryption code” and then they “digitally eavesdropped on employees logging into TJXs central database in Framingham and stole one or more user names and passwords. With that information, they set up their own accounts in the TJX system and collected transaction data including credit-card numbers into about 100 large files for their own access.

      A 5-second glance at those latest details—assuming they ultimately prove to be true—has led many people to dismiss this as another wireless problem. The truth is that TJX offered intruders a generous smorgasbord of security holes, enabling the intruders to plant a trojan horse, steal an encryption key, sidestep less-than-diligently-monitored traffic logs and be able to grab credit card data before it was to be encrypted. So lets not paint TJX as security Eagle Scouts who happened to let their guards down on wireless.

      /zimages/4/28571.gifClick here to read more about a lawsuit filed by a bank group over the data breach.

      That all said, the TJX Intruder Welcome Mat did start with a wireless hole and the wireless hole enabled the rest of the operation. Cyber thieves dont need much, especially when theyre looking for any wireless port in a storm.

      Reportedly, TJX had been slow to move to WPA and was still using WEP at the time of the break ins. If that was the sole offense here, TJX would be in good company, as major corporations—along with more than its fair share of retail chains—tended to be slow to upgrade wireless security.

      A crucial reason for that is lack of understanding. Few managers took the time to understand how much the wireless network was accessing. Just because a unit is designed to do pricechecks, it was seen as innocuous. This has the same feel to it as when IT was remarkably slow to appreciate that intelligent network printers were wonderfully clever gateways to the rest of the network.

      Why? Because for many years, printers were harmless. When they suddenly started getting a lot more CPU, hard-disk and RAM and became fully networked, it took years before the security threat sunk in.

      Most retailers have a strong appreciation for wireless security challenges, but many revolve around looking for rogue wireless networks. Wireless security cameras are another example, with thieves having used them to “case” a retailer while sitting in their parking lot.

      Theory: the TJX case is likely going to crack wide open by this summer. The laundry list of unanswered questions will get a lot shorter as the Massachusetts weather gets warmer. A U.S. House congressional hearing had been slated for May, but its now slipped until at least June, according to one congressional aide working on the scheduling. But whether that hearing will take an aggressive stance and truly try and get closure on the most interesting unanswered questions is unknown.

      The class-action lawsuits are also supposed to start getting discovery within a few months and the state Attorneys General probe cant really continue much beyond this summer. The incident was discovered in mid-December and all break-in activity pretty much stopped by early January. Its now five months later. With no active suspects, its questionable how much more time the probers would need.

      The defining moment will be when TJX comes out from the shadows, calls a news conference and gets their side of this out. Im not holding my breath, but if its clear that theyll have to answer the questions publicly anyway, they might as well at least do it in their own forum.

      The big-picture takeaway on this, however, is that the perpetrators of the TJX attack were doing exactly what every retailer is afraid they were doing. Planning a multi-staged attack, using a wide range of tools and tactics. In their attacks, they did what every retailer should have done in their defense: use multiple redundancy.

      In other words, the attackers didnt assume that a particular tactic would work, so they had multiple backup plans. If only TJX had done the same, we wouldnt be having this conversation.

      Retail Center Editor Evan Schuman has tracked high-tech issues since 1987, has been opinionated long before that and doesnt plan to stop any time soon. He can be reached at Evan_Schuman@ziffdavis.com.

      To read earlier retail technology opinion columns from Evan Schuman, please click here.

      /zimages/4/28571.gifCheck out eWEEK.coms for the latest news, views and analysis on technologys impact on retail.

      Evan Schuman
      Evan Schuman is the editor of CIOInsight.com's Retail industry center. He has covered retail technology issues since 1988 for Ziff-Davis, CMP Media, IDG, Penton, Lebhar-Friedman, VNU, BusinessWeek, Business 2.0 and United Press International, among others. He can be reached by e-mail at Evan.Schuman@ziffdavisenterprise.com.
      Get the Free Newsletter!
      Subscribe to Daily Tech Insider for top news, trends & analysis
      This email address is invalid.
      Get the Free Newsletter!
      Subscribe to Daily Tech Insider for top news, trends & analysis
      This email address is invalid.

      MOST POPULAR ARTICLES

      Latest News

      Zeus Kerravala on Networking: Multicloud, 5G, and...

      James Maguire - December 16, 2022 0
      I spoke with Zeus Kerravala, industry analyst at ZK Research, about the rapid changes in enterprise networking, as tech advances and digital transformation prompt...
      Read more
      Applications

      Datadog President Amit Agarwal on Trends in...

      James Maguire - November 11, 2022 0
      I spoke with Amit Agarwal, President of Datadog, about infrastructure observability, from current trends to key challenges to the future of this rapidly growing...
      Read more
      IT Management

      Intuit’s Nhung Ho on AI for the...

      James Maguire - May 13, 2022 0
      I spoke with Nhung Ho, Vice President of AI at Intuit, about adoption of AI in the small and medium-sized business market, and how...
      Read more
      Cloud

      IGEL CEO Jed Ayres on Edge and...

      James Maguire - June 14, 2022 0
      I spoke with Jed Ayres, CEO of IGEL, about the endpoint sector, and an open source OS for the cloud; we also spoke about...
      Read more
      Applications

      Kyndryl’s Nicolas Sekkaki on Handling AI and...

      James Maguire - November 9, 2022 0
      I spoke with Nicolas Sekkaki, Group Practice Leader for Applications, Data and AI at Kyndryl, about how companies can boost both their AI and...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2022 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×