We talk a great deal about using strong authentication to secure access for enterprise employees, but often we don’t think about how breaches to vendors could make our own enterprise vulnerable. In some cases all an attacker needs is to steal the username and password from a vendor to begin their attack on your enterprise. That is exactly what happened to Home Depot; and it is an excellent example of why not only you, but also your outside vendors should be using strong authentication like Symantec VIP – Home Depot hackers exposed 53 million email addresses. This kind of breach not only damages customer trust but also Home Depot estimates that the theft would cost about $62 million.
“According to Home Depot, the attackers stole login credentials from an outside vendor and used this information to infiltrate Home Depot’s systems. They could then move from a peripheral third-party vendor system to the company’s main computer network by exploiting a Windows vulnerability. Microsoft released a patch for this bug after the breach began, but while Home Depot applied the patch when it was released, it was too late. The attackers could then move to more Home Depot computers, eventually reaching 7,500 of the company’s POS terminals at self-checkout lanes. However, the attackers may have missed 70,000 of the retailer’s standard cash registers as these terminals were only identified by numbers.
The attackers moved through Home Depot’s network during regular business hours and used malware that stole data, transmitted details to a remote location, and deleted its traces. According to the investigation, the breach could have gone unnoticed for much longer if the attackers hadn’t put some of the stolen credit card details on sale while a number of Home Depot executives were on vacation for Labor Day. “
The Symantec Internet Threat Report highlighted how attackers are using smaller businesses and the supply chain to attack larger entities - the Home Depot attack dramatically reinforces this finding. Attackers are becoming more relentless, using multiple avenues to stage attacks. Enterprises need to engage in a layered security approach to mitigate the risk. A mandatory first step is ensuring that not only your enterprise but your vendors are securing access to their networks and applications. Symantec VIP is a simple, smart, and secure way to easily add a second layer of protection to secure access. A username and password may be compromised but a secure second factor will not.