When I first started covering cybersecurity, I talked with a lot of top computer experts, intelligence officials, lawmakers with high-level security clearances. The people who know about computers and security seemed genuinely freaked out. Their biggest concern: This whole thing is evolving faster than we can plan for it.
All of that research came back to me this week when we found out that criminals seem to have attacked Target by going through one of its contractors in the Pittsburgh suburb of Sharpsburg. Here’s our take on how it most likely went down…
For computer hackers, it’s like playing the Powerball.
Criminals looking to steal credit card records from a major retailer such as Target will play as many angles as they can, blitzing the company’s contractors to find a way inside its systems, hacking experts told the Tribune-Review Friday.
“Really what attackers are doing is a game of numbers,” said David Brumley, a computer security researcher at Carnegie Mellon University. “If they compromise enough individual computers… one of those will have access to their target computer.” Read more.
My ongoing investigative series CyberRattling: The Next Threat has looked at the advantages that hackers have. They only have to find one way in, while companies trying to defend themselves must cover up every possible gap. A single coding mistake, in the wrong hands, can be an opening to be exploited. It’s easy to see why so many people are worried.