Hacking a Target’s Remote Access System: What to Know Before You Hack It
An employee at a Target store in Georgia had access to the company’s remote access software before the incident and is suspected of hacking the store’s security system, according to the Wall Street Journal.
The suspect used the program to install malware on the systems of at least five different Target stores and several other retailers, including the one that was targeted in the cyberattack.
According to the Journal, the employee installed the software on the system of a Target manager and then accessed the manager’s computer to install malicious software.
In total, the system had six different systems infected with malware, including one system with a trojan on the manager and two other systems that included malicious software on other systems.
The software, dubbed HRMS, is used by Target employees to log into the Target System to access customer information, store passwords, and other internal systems.
Target has been criticized for the vulnerability of its remote access system.
In May, Target announced it was developing new security measures to make its remote system more secure, including new protocols that could require an employee to log in with their password, access the system and have access to their company’s internal systems to remotely access data.
In July, Target CEO Gregg Steinhafel said the company was “actively investigating” the attack.
Target’s chief information security officer, Brian Krebs, has repeatedly criticized Target’s security and has accused Target of not taking security seriously enough.