How Not To Secure Your Company (Target Data Breach)

Рет қаралды 419,759

Күн бұрын

A look into how hackers stole 40 million credit and debit cards over a period of 2 weeks from Target in 2013.
Sources:
www.commerce.senate.gov/servi...
people.cs.vt.edu/danfeng/pape...
aroundcyber.files.wordpress.c...
krebsonsecurity.com/2015/09/i...
krebsonsecurity.com/2014/02/t...
www.malwarebytes.com/blog/new...
securityintelligence.com/targ...
www.crowdstrike.com/cybersecu...
Chapters:
0:00 Part 1: Phishing email
0:42 Part 2: Citadel trojan
1:48 Part 3: RCE exploit
3:50 Part 4: Entry into network
6:10 Part 5: POS malware
7:24 Part 6: Aftermath
Corrections:
-
Music:
- Finding the Balance by Kevin MacLeod
- Firecracker by LEMMiNO ( • LEMMiNO - Firecracker ... )

Пікірлер: 390

@toofunny4541 9 ай бұрын

It's crazy to think the CEO's severance pay was over 3x as large as the settlement value.

@RomanSoldier13 9 ай бұрын

That is horrifically depressing

@Azeazezar 9 ай бұрын

Goes to show you what paying for a good ceo gad save you. I'm sure Elon musk wouldn't have had to pay anything. [/Sarcasm]

@AlexanderBukh 9 ай бұрын

Bcz dude knows dirt on the company, and shoppers don't Ahahahha

@Paulo27 9 ай бұрын

Also, its stock barely moved. In the end, only the consumer loses, every time.

@InspectorGadget923 9 ай бұрын

@@Paulo27 Customers lost some time from the hassle, but banks issued new cards and refunded any money spent fraudulently. By law a customer is only liable for up to $50 of fraudulent charges, but nearly every bank sets the bar to zero.

@Rory626 9 ай бұрын

"...after compromising a deli meat scale" has to be one of the funniest things I've ever heard

@THEMATTHIAS225 8 ай бұрын

Let me get half a pound of boars head and ALL YOUR CUSTOMER CC DATA!

@pleasantvegetable 3 ай бұрын

This is why things that don't need to be connected to the internet should not be connected to the internet lmao

@wessltov 3 ай бұрын

@@pleasantvegetable but think of all the money Target could make from selling data regarding which customers like ham

@KolMan2000 9 ай бұрын

Imagine having a network so unprotected that you can control a cash register with a damn deli scale from an entirely different store.

@imabebebebe2496 8 ай бұрын

What target has a deli?

@firealarm. 8 ай бұрын

@@imabebebebe2496they used to

@crimsonlion100 8 ай бұрын

@@imabebebebe2496 Super Targets

@stephenhunter70 8 ай бұрын

@@imabebebebe2496 It might be the American Target, they got themselves in a bit of strife financially.

@nyx8430 7 ай бұрын

@@imabebebebe2496it was from a nearby deli store

@jamesclarke3430 9 ай бұрын

Please don't stop making these videos they fill a hole in the tech incident post mortem world that I never knew needed filling

@DVMovies1999 9 ай бұрын

Couldn't agree more!!!

@sudo_garrett 9 ай бұрын

it’s literally some of the best content on youtube

@stanleybochenek1862 9 ай бұрын

ahhhhhhhhhhhhh

@Diemf74 9 ай бұрын

He's got 90k organic subs he ain't going no where

@Bromon655 4 ай бұрын

What is the “tech incident post mortem world”

@linux2420 9 ай бұрын

I love these videos, it feels like an extended cut of that scene where the hacker in a movie is explaining what theyre doing, but then it actually makes sense

@93davve93 9 ай бұрын

And it is the real stuff

@JorgetePanete 9 ай бұрын

they're*

@linux2420 9 ай бұрын

@@JorgetePanete I really do not care.

@funpiquilin6093 9 ай бұрын

@@linux2420based

@Not_Tails 9 ай бұрын

@@linux2420based

@highbread817 9 ай бұрын

I had always wondered how they went from Target network to PoS systems. I had no idea it was a combo of weak passwords and... no segmentation. It seems like a dumb mistake today, and that's because it is. Oh and ignoring the malware alerts they probably paid tens thousands of dollars to receive

@Stealth86651 9 ай бұрын

Yeah, airgaps and such are incredibly useful. The problem is that companies like Target have *very* little incentive to actually invest in security. Why would they care if their customers information/cards got stolen? Sure it's bad PR, but in reality stuff like that really doesn't have a huge effect on their bottom line over a year or so. Worst case scenario, they're found negligent and have to pay a fine that's equals a fraction of a percent of their profit that year. They do the math, and a huge reason they don't invest in better security is because they flat out make more money by not paying for better security unfortunately.

@Kenionatus 9 ай бұрын

To quote another comment: " It's crazy to think the CEO's severance pay was over 3x as large as the settlement value. " @@Stealth86651

@namAehT 9 ай бұрын

Flat networks are terrifyingly common. If you drive by a factory, chances are their machines are on the same LAN as the office PCs.

@tekrunner987 9 ай бұрын

@@Stealth86651 There may have been some truth to that in 2013, but nowadays ransomware is the name of the game, and that can be hugely disruptive to just about any company.

@Fionntan993 9 ай бұрын

*hundreds of thousands

@grafzhl 9 ай бұрын

Ah yes, Microsoft, Active Directory and Office, the holy trinity of inevitable security incidents.

@AviatorJC 9 ай бұрын

It‘s more of improper usage including default or weak passwords. Like they used a perfectly fine service in a way that degraded its potential safety.

@nwrocketman6438 9 ай бұрын

0:36 I don't know why, but I find it funny that there are hackers out there that will pay for massively-distributed, licensed hacker tool kits that include a live support page and they still manage to hack a multi-billion dollar corporation. I guess it pays to be a script kiddie.

@christopherquinonez3933 9 ай бұрын

Would you steal from the people who created a software meant to steal

@snowy8465 9 ай бұрын

@@christopherquinonez3933good point

@gblargg 9 ай бұрын

They probably have better tech support than normal legal companies as well LOL.

@nwrocketman6438 9 ай бұрын

@@gblargg I work as an IT Specialist at a bank that uses mostly Microsoft products like Windows and Exchange and I would be lying to you if I said that what you said wasn't true.

@wessltov 9 ай бұрын

@@christopherquinonez3933 Yeah those people seem like they'd make an example out of anyone trying to use their software without paying. They probably have their own vendors for boobytrapped versions of hacking tools

@ChungusTheLarge 9 ай бұрын

Well, you can't say that Target isn't aptly named

@danielmethner6847 9 ай бұрын

Underrated comment

@-_-sneezy 8 ай бұрын

😂

@Ms_Cheesecake 9 ай бұрын

My exhusband's card was compromised in this, and we got to find out when we were out buying groceries and his card suddenly didn't work. Called the bank and found out someone had tried making a $500 purchase at a Walmart in Illinois, and the bank had automatically blocked it and locked the card. He and I both got new cards sent to us. Not sure how much later it was that we found out Target (and Home Depot, which would have affected my card) had been compromised. :/ Great video!

@tc2241 9 ай бұрын

Oddly enough I was involved in Targets post breach auditing and payments processor transition. Been to their IT monitoring center a few times, it’s crazy the level of security they incorporated afterwards. It’d be easier to rob a bank during rush hour

@TheDarkfighter101 9 ай бұрын

You say that but when I worked there in electronics they removed a security camera in the Apple storage aisle and just left the Ethernet cord hanging. Everyday I just wondered if they were dumb enough to have a single network.

@Stealth86651 9 ай бұрын

Love your videos. IMHO I think you're sitting on a goldmine, eventually. You have an extremely good balance of comedy/fun to watch and informative, not to mention you're not just glossing over a few things you add some good info and details. I can see this channel getting very successful/large over a few years. Thanks for the work/effort, it's really appreciated.

@gblargg 9 ай бұрын

A lot of KZfaq videos where the creator tries to be constantly funny just become annoying. Here the funny is funny because it's making fun of the dumb things that happen to companies, and it's so packed with technical information and expertise. The rapid-fire nature also causes some jokes to be gotten only after a few seconds, making them funnier. Ever since I saw one of these videos a few months ago I've been watching every one.

@kratosgodofwar777 9 ай бұрын

My only problem is that it also falls into the same annoying habit that FireShip also has which is condensing so much info into such a small amount of time that I end up learning barley anything but I guess you could argue that's the only way to get watch-time? Idk

@overreactengine 9 ай бұрын

@@kratosgodofwar777 It could be a 5000 IQ play so you re-watch the video

@kratosgodofwar777 9 ай бұрын

@@overreactengine I actually ended up watching all his previous videos lmao its just that this one is a little more fast paced then the rest

@nottrevorallen 9 ай бұрын

i have always had a hard time conceptualizing these big ideas in security. sql injections, input sanitizing, database protections, its all just so high level, that it can be difficult for the layperson to understand what is really happening that was, until i saw your representation of several amongus doing flips and shit inside of the database

@justinian963 9 ай бұрын

Kevin, I really want to thank you for your videos. I am a new cyber security student and these videos make learning about hacks and data breaches so entertaining

@swaggy3987 7 ай бұрын

So many gems in these videos, like where lowly engineers take the bus and the CEO drives a Lambo 😂

@proterotype 9 ай бұрын

I just found this channel today and already blew through all the videos. This stuff is perfect for me, funny and informative. Please keep it up!

@marisakirisame659 9 ай бұрын

Please keep making these. They teach a LOT. highly appreciate your stuff

@MrDaAsif 9 ай бұрын

Fantastic video, you've balanced discussing a technical topic that might be otherwise difficult to understand for someone non-technical, while still having enough detail where the technical people don't feel like they wasted their time

@LouisEscher 9 ай бұрын

Imma have to ask you to make more of these, they're really funny while also being hella informative

@taintedtapper 9 ай бұрын

7:50 Lesson learned folks, always turn on malware auto-removal

@GabsterPH 9 ай бұрын

But my cheat engine!

@demiistic 9 ай бұрын

This video is so good and the way you explained it was perfect. I am studying IT atm and from the beginning we are taught how to prevent these breaches from happening. Hilarious that payed and SALARIED individuals just disregarded the warnings signs. Tells you that security sometimes isn't the concern of major corporations

@jacksoncremean1664 9 ай бұрын

He finally uploaded!

@pablovirus 9 ай бұрын

I love your videos Kevin, the way you edit them always makes me chuckle multiple times and they also tell an interesting story.

@beejay99ah 9 ай бұрын

Rarely do I insta-click on content. Love your style of videos

@papajohnscookie 9 ай бұрын

Your videos are epic, saves me so much time and effort reading into it myself. I can't believe how owned Target were. Imagine the attackers just deployed ransomware instead.

@JimMilton-ej6zi 9 ай бұрын

This is why there needs to be laws in place forbidding businesses from having customer data long term and there needs to be actions in place that allows consumers to not have their lives ruined from bad companies. Changing the default password in an account is IT 101, it's literally the first thing you do when managing something especially with sensitive data. And any time someones credit details get stolen by someone, that business should be forced to pay out at least 3x that of what was in the persons bank account when their data got stolen.

@hyde4004 9 ай бұрын

"there needs to be laws in place forbidding businesses from having customer data long term". The EU did this with GDPR. But that's communism after all so it won't fly in freedomland unfortunately.

@JimMilton-ej6zi 9 ай бұрын

@@hyde4004 the EU can be extremely hit or miss with their laws, but ones that promote a standard phone cable and ones that prevent companies from using your personal information are always good as long as there are less strict laws for small businesses so they don't have their business ruined if they use a third party program to handle transactions and that 3rd party was the one to be hacked. But any business that's fully capable of affording their own in-house services should be required to face the full force of the law.

@hyde4004 9 ай бұрын

@@JimMilton-ej6zi The EU is definitely hit or miss but as far as holding companies up for fucking customers over and general rights to data privacy we are doing mostly well. Well, other than the fact that the EU is on the verge of forcing backdoors into all E2E encryption for instant messasing. Because we all know access to backdoors is never found or bought by anybody that would use them for any bad purpose and governments can always be trusted. *sigh*.

@AJStamand 9 ай бұрын

Or.. just don't go to target. Be informed and make good decisions instead of trying to get government to make good decisions for you. That would be freedomland

@hyde4004 9 ай бұрын

@@AJStamand Ah yes... be informed of companies' internal systems and how robust they are against attacks. Got it.

@louisshyers3577 9 ай бұрын

I absolutely love your videos, perfect combination of technical, funny and informative please make more

@KrooTon 9 ай бұрын

Well presented, thank you for the breakdown of this huge breach!

@mightymcphee4228 9 ай бұрын

imagine your credit card info is stolen you lose large amounts of money all because you shopped at target. then after months or years the class action settles and they pay you 46c as compensation

@TK-rz6ni 8 ай бұрын

All while the former CEO gets a $61 million dollar retirement check

@Nico-qq7xl 9 ай бұрын

This is amazing, please keep up the good work. Thank you so much

@PrasSojo 9 ай бұрын

Just casually browsing KZfaq and found this really fun video. Keep it up bro!

@fortrress 9 ай бұрын

gotta love the detail and quality, really great video!

@swawif 9 ай бұрын

I never knew tech video can have this much explosion. Keep em coming

@TotallyNotK0 9 ай бұрын

This was a really interesting, well put together video. First time viewer. Great work bro

@henderstech 9 ай бұрын

Thanks for the video. Not only great stories but I learned a lot aswell.

@Zoule 9 ай бұрын

These videos are great!!! Don’t stop, these are awesome!

@FaySmash 9 ай бұрын

I'm once again amazed how the fuck my homelab is more advanced and secure than those giant companies

@sandrao661 8 ай бұрын

dude this video style is 🔥 love it!

@dvlabsakie3484 9 ай бұрын

Thank you for the cool video! I really enjoy the way you present info

@cogYo 9 ай бұрын

Very well produced! Thanks 😊

@danbrit9848 8 ай бұрын

this is why i use cash

@SpeedingFlare 9 ай бұрын

It's a good day when there's a new Kevin Fang vid

@blerst7066 9 ай бұрын

The memes per second value in this video is insanely high.

@ROBO_KY 5 ай бұрын

Love the channel, it's really funny, but also very informative about events and how hackers do thier thing.

@MaNameizJeff 9 ай бұрын

The use of memes just makes this soo entertaining. I loled hard at the use of the boss level up animation.

@Scie 9 ай бұрын

Love your videos, have you looked into the Ukrainian power grid attack in 2015 or 2016. I read something on it a while ago and it seemed pretty wild. To lengthen the compromise they uploaded corrupted firmware to the UPS

@Epic_Aviation 9 ай бұрын

It's mentioned briefly at 0:25

@Scie 9 ай бұрын

@@Epic_AviationI should pay more attention lol

@Epic_Aviation 9 ай бұрын

@@Scie Lol 😂

@d.a.7689 9 ай бұрын

Bro. This content is amazing! Keep it goin!

@Ratinevo 9 ай бұрын

They had an IT department that didn't realise they were being hacked for 2 months? 😂😂😂 You have an excellent KZfaq way. Keep at it.

@QuickQuips 8 ай бұрын

Can't wait until you discuss the hacking in Vegas.

@kostiantyniliuchok1986 9 ай бұрын

Best Channel.

@eldrago19 9 ай бұрын

Point at the end is good but it is worth also mentioning that chip and pin cards as have been used in Europe for years are also protected against this sort of attack.

@memes_gbc674 9 ай бұрын

so you're basically saying most of this wouldn't have happened if they changed their default passwords

@janardannn 3 ай бұрын

man i am rewatching your videos, come on drop one more already

@johanperss1086 9 ай бұрын

Awesome video, thank you! It always comes down to human error or laziness lol.

@Stomj 9 ай бұрын

amazing as always

9 ай бұрын

Another excellent video, thank you

@inCawHoots 9 ай бұрын

Need more videos like these.

@ralphway823 9 ай бұрын

Even before watching I already know this is gonna be a banger

@matze489 9 ай бұрын

I follow you from you first video of this type from like 10 oder 20k subs. I i absolutly love this content

@DayaChowdry 9 ай бұрын

Amazing work. More like this please into real attacks that happaned.

@txthys 9 ай бұрын

this is such a true upload thank you mr kevin fang

@junglivre 9 ай бұрын

def one of the uploads that have been ever made

@RamanSharma-zk1bj 9 ай бұрын

Awesome video...shows how smart some people are (yet using their intelligence for illegal purposes)

@DaremKurosaki 6 ай бұрын

Adding to this: My brother-in-law was a senior engineer at Symantec at the time. IIRC, target *also* used some Symantec security software as part of their defenses at the time. According to him, Target tried to go after them on the grounds of "Hey, what are we paying you guys for? Isn't your shit supposed to help stop things like this?" Symantec's response was roughly "Well, that'd be true if you were actually paying us. You haven't in 5 years and haven't updated your software in 10."

@amadzarak7746 9 ай бұрын

bro you have captured a new niche of videos. can you recommend other channels with content like yours?

@zerou24 9 ай бұрын

Finally a new video from you:)

@leadscollector 9 ай бұрын

That was brilliantly insightful. Can I please ask what you use to make your animations

@MrGillb 9 ай бұрын

should do TJMax breach next, its one of the few prime examples of in the wild wifi hacking thats not just stealing your neighbors wifi

@Randy-nb6fw 2 ай бұрын

im doin a report on this one right now thx for all the sources and the qwick video :)

@bejibx 9 ай бұрын

Don't know if it's intentional, but "kaptoxa" is looking suspiciously similar to "картоха", which translates as "potato" from russian

@ivan.kulagin 9 ай бұрын

I’ve noticed that too and I’m sure this is international because the developers are Russian

@t0maz.m 8 ай бұрын

I am not that big of the cumputer guy, but you manage to excplain things that I somewhat understand

@Vicenarius 9 ай бұрын

Thank you for making this video

@JohnMammoth 9 ай бұрын

we need more videos like that! love it! :)

@colinerdman 9 ай бұрын

Great content. Can you do the 2017 AWS S3 failure?

@casev799 7 ай бұрын

As Targwt is massive corporation, I find the most unbelievable part of this is the free teir Malwarebytes, which also is somehow, entirely believable for a massive corporation

@sleepyyui 9 ай бұрын

I love these animations

@0xmoaz 9 ай бұрын

KEEP THIS PRO ❤❤

@Luckingsworth 9 ай бұрын

Its wierd to be watching one of these with insider info that explains some of the questions. The sad part is, thanks to this, it is now nearly impossible to access data internally within Target which makes real time data analysis basically impossible if you arent specificly assigned the role.

@Ian-lh9di 9 ай бұрын

you have admin rights ?

@DefaultUser9148 9 ай бұрын

I love ur vids so much, they are very well done c😭😭

@0znzw 9 ай бұрын

i found this funny due to the fact that you used among us characters with happy faces, love the video, very interesting!

@Raress96 9 ай бұрын

Really interesting video!

@pbpwn 9 ай бұрын

Do you have a Patreon? This has quickly become my favorite channel and would love to support your work.

@orbyfied 9 ай бұрын

5:33 killed me

@dhruvpatel3323 9 ай бұрын

Quality videos, Kevin boutta blow up soon

@Jonah.Kessler 9 ай бұрын

Love your videos!

@Game_Hi 9 ай бұрын

I love these videos

@zaca211 9 ай бұрын

Non financial customer data. As someone who works in this exact industry, NEVER let a store scan your ID. When they say they don't store this data, they are LYING. A system we installed for a beer store stores all customer information that is pulled from a customers ID including your name, ID number, and Address. Some of the new software can even pull data from state servers for verification.

@honkhonk8009 8 ай бұрын

yeah this why data privacy laws are a big deal. You cant trust old fucks to know what their doing

@xX_MC_OvU_PvP_YT_Xx 4 ай бұрын

"My own world experiences dictate what happens everywhere everyday all the time."

@SamK4074 4 ай бұрын

One issue this data breach highlights is 'alert fatigue'. It's all too common to just see the anti-virus software pop up with something suspicious and not bother to look into it because of previous false positives & the fact it looks too generic. You just assume all is good, when in this case, it very much was not. Alert fatigue is something that needs to be mentioned more often and caught early.

@EquaTechnologies 6 ай бұрын

Thank you for the tutorial 😎

@odpayment 9 ай бұрын

please keep making these videos

@TheLegitAlpha 9 ай бұрын

This was one of the first supply chain attacks I have heard of. Edit: I am dumb. A supply chain attack targets software builds to compromise one or more targets. This is actually a third party attack, which uses a third party contractor to springboard into a larger target. They are surprisingly comparable.

$@fractastical9040$

@fractastical9040 9 ай бұрын

Fascinating! (Also, wow, trojan citadels?)

@DccToon 5 ай бұрын

i have noticed the average time for the videos is 1.67 months very cool

@shawn576 4 ай бұрын

The ad placement is perfect. Around 1:35 you ask what kind of method was used to hack the thing. Ad of Wix starts playing. I fall out of my chair due to laughing.