In response to news of the Saks/Lord & Taylor breach, a Juniper Networks threat analysis expert says it’s likely that 6 million customer payment cards were stolen, including another 1 million in EU/Asia that were not initially reported. Mounir Hahad, Head of Juniper Threat Labs at Juniper Networks commented below.
Mounir Hahad, Head of Juniper Threat Labs at Juniper Networks:
“In addition to the five million US-based credit cards stolen, it seems that the perpetrators also siphoned off about one million additional credit cards from EU/Asia residents. A recent similar operation targeted national stores and stole about three million credit cards between May and December 2017. All of these breaches seem to have utilized a point-of-sale (PoS) malware that intercepts credit card transactions, records them onto a local file, encrypts them and then sends the encrypted information to its command-and-control (C&C) server.
“This breach continues to highlight a couple of things: A breach is only a matter of time for most organizations. As Gartner puts it, assume you have already been breached and work on detecting that breach. The second point being the length of time hackers are able to operate in an environment without being detected. This clearly calls for a very different security posture, one that emphasizes detection over prevention. Most breach prevention methods have to take a quasi-instantaneous decision on allowing or blocking traffic and there is just not enough time to make a bulletproof determination. Organizations have to allocate budget specific to detection, which utilizes all network assets to detect post-infection indicators, such as command-and-control communication as well as analytics-based solutions, which are more capable of identifying low and slow types of attacks spread over time.”
