Newspaper article International New York Times

How Working from Home Can Leave an Opening for Hackers ; Cybercriminals Exploit Remote-Access Software to Steal Retailers' Data

Newspaper article International New York Times

How Working from Home Can Leave an Opening for Hackers ; Cybercriminals Exploit Remote-Access Software to Steal Retailers' Data

Article excerpt

Remote access software can be used as a portal into corporate computers, the Homeland Security Department warns in a new report.

The same tools that help millions of Americans work from home are being exploited by cybercriminals to break into the computer networks of retailers like Target and Neiman Marcus.

The Homeland Security Department, in a new report, warns that hackers are scanning corporate systems for remote access software -- made by companies like Apple, Google and Microsoft -- that allows outside contractors and employees to tap into computer networks over an Internet connection.

When the hackers discover such software, they deploy high-speed programs that guess login credentials until they hit the right one, offering a hard-to-detect entry point into computer systems.

The report, which Homeland Security produced with the Secret Service, the National Cybersecurity and Communications Integration Center, Trustwave SpiderLabs, an online security firm based in Chicago, and other industry partners, is expected to be released on Thursday. It provides insight into what retailers are up against as hackers find ways into computer networks without tripping security systems.

It is also a reminder that a typical network is more a sprawl of loosely connected computers than a walled fortress, providing plenty of vulnerabilities -- and easily duped humans -- for determined hackers.

"As we start to make more secure software and systems, the weakest link in the information chain is the human that sits on the end -- the weak password they type in, the click on the email from the contact they trust," said Vincent Berq of FlowTraq, a network security firm.

While the report does not identify the victims of these attacks, citing a policy of not commenting on current investigations, two people with knowledge of these investigations say that more than a dozen retailers have been hit. They include Target, P.F. Chang's, Neiman Marcus, Michaels, Sally Beauty Supply, and as recently as this month, Goodwill Industries International, the nonprofit agency that operates thrift stores around the United States.

Once inside the network, the hackers deploy malicious software called Backoff that is devised to steal payment card data from the memory of in-store cash register systems, the report says. After that information is captured, the hackers send it back to their computers and eventually sell it on the black market, where a single credit card number can go for $100.

In each case, criminals used computer connections that would normally be trusted to gain their initial foothold. In the Target breach, for example, hackers zeroed in on the remote access granted through the retailer's computerized heating and cooling software, the two people with knowledge of the inquiry said.

In an interview, Brad Maiorino, recently hired as Target's chief information security officer, said a top priority was what he called "attack surface reduction. …

Search by... Author
Show... All Results Primary Sources Peer-reviewed

Oops!

An unknown error has occurred. Please click the button below to reload the page. If the problem persists, please try again in a little while.