Hi Everyone, Ed Amoroso here. And in this video I want to talk to you about a case study of something that happened back in January 2014. Happened to a really fine company here in the United States, Target, that you've probably heard of. Maybe you shop there, wonderful company. But they, along with many, many, many, many, many other companies were the victim of an advanced persistent threat, an APT, a targeted attack and it involved third parties. So what happened was third parties had access to their gateway, managed to get through the gateway that it had been set up for third parties to gain access to. They were able to somehow compromise that access and find the lateral traversal on the network. Credit card processing systems, the card swipe systems that you and I and everybody use, and here in the United States back in 2014 we were still using older technology that didn't involve chip and pins. We used magnetic stripes and it was exposing credit card numbers in clear text onto systems. So this is what happened and it exfiltrated out through gateways that weren't properly filtering. Again I don't bring this up in the context of Target, because I want to be critical of them. Because full disclosure, I think this sort of thing has happened to so many companies, that this is just sort of representative rather than in any way showing something that I would consider more or less neglect than anybody else, it's a very typical kind of problem. But there's a couple things that pop up out of this that I think are important for all of us to think about as cybersecurity experts, kind of transcends the technology but I think it's important for us to think about. The first is, what is the impact of a cyber attack on a business? Now it turns out that Target being the fine company that it is, was able to recover. I'm sure they did what they needed to do internally to fix things up, they probably learned quite a bit about it. Obviously encrypting all the credit cards and I think we go back and you look historically at their stock price, you can see that it more or less rebounded. So, it's probably the case, that a disclosure attack in modern time, is not going to be, say a death knell for a typical company or government group, that's probably true. But a number of executives did lose their job as a result of this. And we can sort of ponder whether that's fair or not, I mean you can have your own opinion. As many people who are watching this video, that's probably how many different opinions we would have about that. But I think this question of what the consequences are to a typical organization that gets a cyber attack, is something we need to think about. And I want you to think of it in two different groupings. The first would be disclosure of confidential information, credit card, customer data, so on. And the second would be integrity problems that affect the operations of the business. Now let's take each in turn. We've seen in the last few years, so many companies like Target lose our personal information, [LAUGH] that it's sort of numbing now. There's term that you use called security fatigue which means you just one after another after another, these things after a while you say well I just have no privacy, my credit card's hacked, and it is what it is and business goes on, right? If right now as we're filming this video here in our studio, if some bad people somehow had a listening device in the room and they were stealing all my lectures here to you, I wouldn't like it. But, the video goes on, and life goes on, and it sort of doesn't matter. So, that's the first category. And the second we said is disruptive, that's where an attack basically causes a business to not be able to function. Breaks their systems, destroys their network, destroys records, blocks access to their systems. Like here, we're now talking, and doing a filming of this video. Suppose hackers were able to turn the lights off, turn the camera off, turn everything off in the room. The video stops, life does not go on. We can't just sweep that under the carpet, I think what we're going to see in the coming years is a shift from disclosure attacks to more consequential destructive attacks. And you might've seen some of that like here in the United States, the Sony Pictures Corporation has some problems where they were attacked and it had real integrity based consequence to what they were doing. So let's keep that all sort of in mind as we think through these attacks that you hear about every single day. That there are disclosure issues that we've all been somewhat numb to as a result of security fatigue. But what's coming would be more destructive issues. Think ransomware for example, certainly much more consequential and creates a paralysis that has to be dealt with. You can't just allow things to proceed if you're the victim of a destructive or operational attack that makes it difficult for you to conduct your business. So I hope this is useful insight for you. I'll see you in the next video.
