State of the Hack: Retail Cardholder Data Theft


Robbing cash registers over the Internet

Presented as a webinar on July 9, 2009.

We discuss how a simple website error let the attackers capture credit and debit card numbers as they were being swiped through the retailer’s point of sale terminals.

And it isn’t just MANDIANT talking – our client, Randy, shared his perspective on the cost of the intrusion, insurance issues, fines and remediation activities. That’s a side of the story you almost never hear.

We show you how the attackers got in, how they stole valid insider credentials, how the intrusion was discovered, responded to, remediated and beyond. The entire lifecycle of the intrusion… revealed.

And what’s more, we and Randy offer some advice that may help you avoid a similar attack on your organization – or at least minimize its impact.

This was a rare opportunity to learn about a security incident from almost every angle.

In the webinar, we referred to several resources:

About the speakers

Kris Harms is a Senior Consultant at MANDIANT and provides commercial organizations, attorneys and the U.S. Government with expertise in incident response, computer forensics, vulnerability assessment and security architecture design. He has recently been focused on solving high risk computer security incidents for Fortune 100 clients, financial institutions, and organizations affected by the Advanced Persistent Threat. A frequent industry speaker and instructor, Mr. Harms has appeared on the CBS News program 60 Minutes and PBS’s Wealth and Wisdom.

Michael J. Graven is a director at MANDIANT. Like all MANDIANT consultants, he chases network bad guys through Fortune 500 companies, governments, and financial institutions. Michael earned degrees at Northwestern University and Stanford University. He has worked on internetworks and system security since 1989, working in environments as large as AT&T and Netscape to as small as twenty-person startups. He is a native Californian and a snowboarder, but he does not surf.

Randy runs IT at an organization that processes card transactions. He is a PCI Level 4 merchant with about a hundred point of sale terminals, a corporate website and the usual things you find in a modern small business. His business was attacked by data thieves, and he engaged MANDIANT to help him and his team of four respond to the problem. Randy is also an artisan pickle farmer ("And we’re PCI compliant… cash only.").