The Target breach case Study Assignment.
In 2013, Target was the victim of a sophisticated data breach that resulted in the loss of consumer information. The attackers infected Target’s Point of Sale (POS) systems and inserted malware that captured every swipe of a Payment Card. During the investigation of this breach, it was determined that it originated from a third-party vendor who didn’t incorporate effective security controls. For this week’s case study, we are going to do a deep dive into Target’s data breach. Your paper must cover the following topics:
1. An overview of how the Target Data breach occurred. For this section, we are looking primarily at when the breach was discovered, how it was discovered, what vector(s) the attackers used, and what was infected.
2. An overview of how Target responded to the breach. For this section, we are looking primarily at what Target did when they were notified of the breach. How quickly did they respond, what steps did they take to respond, and what did they do after the breach was resolved to further reinforce their network.
a. What could be done to further secure their network. For this section, we are primarily looking at how Target can improve the security of their network, including vendor/external connections, and how an IDS and/or IPS can be used to increase the security of their network.
b. A logical network diagram that shows your proposed network layout that can improve the security of their network, as well as a discussion on why you proposed this network layout. This diagram must cover the following:
- An outside vendor connection. How does this vendor connect to the Target network? What security precautions are in place on the Target network?
- An IT network (domain controller, name servers, and other similar IT assets).
- A POS network.
- For your POS and IT networks, show whether they connect or not. If you decide they should connect, show how the connection is made, and what security precautions exist on either or both sides of the connection.
Include best scholarly sources and security sources. Attached is the Target breach case Study.