StudyDaddy Article Writing Milestone 3In the first milestone, you identified a recent security incident that took place. There were multiple incidents that were chosen such as Target, OPM, Equifax, Home Depot, and so many more.

Milestone 3In the first milestone, you identified a recent security incident that took place. There were multiple incidents that were chosen such as Target, OPM, Equifax, Home Depot, and so many more.

Running Head: Home Depot Security Attack 0

[Home Depot Security Attack]

[Name of Student]

[Name of Student]

[Date]


Introduction

A security incident occurred in the Home Depot system of the United States and Canada in 2013. The breach started in April 2014 and remained undetectable still the Sept 2. The investigation of the attack showed that the nature of the attack was technical because the main reasons for this attack showed the technical weakness of the Home Depot system. These were some of the main technical issues which revealed after the investigation of this attack. In this attack, the main target of the unauthorized person was to damage the credit card shopping system.

Malware Type

The main reason for the attack was the not proper assessment of the malware within the Home Depot system. The security consultant believed that the main reason for the attack was BlackPOS malware. After a year later, the Security Firm Trend Micro published a report in august 2014 and claimed that the malware behind the attack on Home Depot was variant of BlackPOS, but many security experts did not admit this report and disputed about the type of malware in this attack. A security expert described that they knew about a different type of malware that attacks the sales department, but this type of malware was different from all previous. When a proper investigation file came, it explained that the nature of the malware was BlackPOS variant (Buttrick, Davidson, & McGowan., 2016).

Anti-virus

The manager of the home depot informed that the home depot was using the old anti-virus Symantec’s Endpoint Protection 11 software that was introduced in 2007. Instead of using the latest anti-virus that was developed by the Symantec’s in the coming years of 2011 and 2015. Bloomberg told that version 11 of the Symantec’s had been declared out-of-date. Home depot was using this software because it was still receiving anti-virus signature updates from the system. Another point that was raised by a senior security advisor, that this anti-virus software was irrelevant to the system of the Home Depot (Seals, 2017).

Lack of Encryption

Bloomberg claimed that Home Depot has a purchase security tool, the security company named Voltage Security, that was used to encrypt the data of the card. The company has not implemented that security yet, and it was informed that the internal data of the card had been transmitted in an unencrypted manner. When the information security media group was contacted, Voltage security Media Group refused to respond to the report (krebsonsecurity, 2017).

Poor IT Practices

The professional security members of the Depot informed that the breach of the data occurred due to the weak IT practices in the company. The company has shown its privacy to the third party that eventually leads to the stealing of the data, that the third party steals the company private information that was the card data of the company. The results were severe, as cards used for a long time even after the deactivation.

Conclusion

So, these issues determined that the company was weak in its technical controls; that why the company faced a lot of loss monetary and as well as lost its image. The company has to pay $million for the settlement of the data breach of the 40 million cards in the year 2013. The BalackPOS malware attack on the Home Depot damage the whole system, and the system remained unaware of the invalid card. The customers purchase the household thing by using the invalid credit card, and the system did not detect it. The main problem in the technical control of the Home Depot was the lack of a system that detects the fault in the system if they have a proper security system which provides an alarm when an unauthorized request wanted to enter the system.

References

krebsonsecurity. (2017, May). Trump’s Dumps: ‘Making Dumps Great Again’. Retrieved from krebsonsecurity: https://krebsonsecurity.com/tag/home-depot-breach/

Seals, T. (2017, March 13). infosecurity-magazine. Retrieved from Home Depot to Pay $27.25m in Latest data breach settement: https://www.infosecurity-magazine.com/news/home-depot-to-pay-2725m/

Buttrick, H. G., Davidson, J., & McGowan., R. J. (2016). . The Skeleton of the Data Breach: The Ethical and Legal Concerns. Rich. JL & Tech., 23, 1.

Have a similar question?

Continue to edit or attach image(s).

  • Fast and convenient

    Fast and convenient

    Simply post your question and get it answered by professional tutor within 30 minutes. It's as simple as that!

  • Any topic, any difficulty

    Any topic, any difficulty

    We've got thousands of tutors in different areas of study who are willing to help you with any kind of academic assignment, be it a math homework or an article.

  • 100% Satisfied Students

    100% Satisfied Students

    Join 3,4 million+ members who are already getting homework help from StudyDaddy!