I need help with these 4 questions
For some reason, Minneapolis didn't react to the sirens. Bloomberg Businessweek spoke to more than 10 former Target employees familiar with the company's data security operation, as well as eight people with specific knowledge of the hack and its aftermath, including former employees, security researchers, and law enforcement officials. The story they tell is of an alert system, installed to protect the bond between retailer and customer, that worked beautifully. But then, Target stood by as 40 million credit card numbers and 70 million addresses, phone numbers, and other pieces of personal information-gushed out of its mainframes. When asked to respond to a list of specific questions about the incident and the company's lack of an immediate response to it, Target chairman, president, and chief executive officer Gregg Steinhafel issued an emailed statement: "Target was certified as meeting the standard for the payment card industry (PCI) in September 2013. Nonetheless, we suffered a data breach. As a result, we are conducting an end-to-end review of our people, processes and technology to understand our opportunities to improve data security and are committed to learning from this experience. While we are still in the midst of an ongoing investigation, we have already taken significant steps, including beginning the overhaul of our information security structure and the acceleration of our transition to chip-enabled cards. However, as the investigation is not complete, we don't believe it's constructive to engage in speculation without the benefit of the final analysis." More than 90 lawsuits have been filed against Target by customers and banks for negligence and compensatory damages. That's on top of other costs, which analysts estimate could run into the billions. Target spent $61 million through February 1, 2014, responding to the breach, according to its fourth-quarter report to investors. It set up a customer response operation, and in an effort to regain lost trust, Steinhafel promised that consumers won't have to pay any fraudulent charges stemming from the breach. Target's profit for the holiday shopping period fell 46 percent from the same quarter the year before; the number of transactions suffered its biggest decline since the retailer began reporting the statistic in 2008.15 Questions How did the hackers steal Target's customer data? What types of technology could big retailers use to prevent identity thieves from stealing information? What can organizations do to protect themselves from hackers looking to steal account data? In a team, research the Internet and find the best ways to protect yourself from identity theft. QUESTIONS 1. Identify the different types of hackers and viruses and explain how a company can protect itself from hackers looking to steal account data. 2. Authorities frequently tap online service providers to track down hackers. Do you think it is ethical for authorities to tap an online service provider and read people's email? Why or why not? 3. Do you think it was ethical for authorities to use one of the high-ranking members to trap other gang members? Why or why not? 4. In a team, research the Internet and find the best ways to protect yourself from identity theft. The biggest retail hack in U.S. history wasn't particularly inventive, nor did it appear destined for success. In the days prior to Thanksgiving 2013, someone installed malware in Target's security and payments system designed to steal every credit card used at the company's 1,797 U.S. stores. At the critical moment-when the Christmas gifts had been scanned and bagged and the cashier asked for a swipe-the malware would step in, capture the shopper's credit card number, and store it on a Target server commandeered by the hackers. It's a measure of how common these crimes have become, and how conventional the hackers' approach in this case, that Target was prepared for such an attack. Six months earlier, the company began installing a $1.6 million malware detection tool made by the computer security firm FireEye, whose customers also include the CIA and the Pentagon. Target had a team of security specialists in Bangalore to monitor its computers around the clock. If Bangalore noticed anything suspicious, Target's security operations center in Minneapolis would be notified. On Saturday, Nov. 30, 2013, the hackers had set their traps and had just one thing to do before starting the attack: plan the data's escape route. As they uploaded exfiltration malware to move stolen credit card numbers-first to staging points spread around the U.S. to cover their tracks, then into their computers in Russia-FireEye spotted them. Bangalore got an alert and flagged the security team in Minneapolis. And then