Home Depot fixes America’s household problems. If you’re planning a do-it-yourself project, whether it’s repairing a leaky faucet or installing new linoleum flooring, you’re probably going to visit a Home Depot to buy your materials or get some advice.
America’s largest home improvement retailer seems to have a repair for everything, but after news that its payment systems had been breached, Home Depot has a lot of work ahead to get its own house in order. It faces a long road as it repairs its reputation, its relationships with customers and its network security.
In what the New York Times speculated could be the “largest known breach of a retail company’s computer network,” a massive breach that affected more than 2,000 Home Depot locations in the U.S. and Canada between April and Labor Day, exposing the credit card information of an estimated 60 million customers.
These are unprecedented numbers, topping the infamous Target breach of last holiday season. By comparison, that attack did not last as long (three weeks), affected fewer stores (about 1,500) and resulted in fewer victims (40 million).
The information security press has been quick to criticize Home Depot for its handling of the advanced persistent threat (APT) attack, particularly for its slow response. Eric W. Cowperthwaite, vice president of Core Security, told the Times, “This is not how you handle a significant security breach, nor will it provide any sort of confidence that Home Depot can solve the problem going forward.”
Lessons from the Target Breach
In KrebsOnSecurity’s original report of a possible breach earlier this month, Brian Krebs reported that Home Depot registers had been infected by “BlackPOS” – the same strain of malware found on Target point-of-sale systems last winter.
And the parallels don’t stop there.
After both network security breaches, customer data surfaced on Rescator, a black market website that peddles stolen credit card information. And what’s more, both Target and Home Depot were attacked when their sales usually spike – Target during the holiday season and Home Depot during the spring, which this year produced a record number of transactions.
Both retailers have also taken similar steps to address the attacks publically. Just as Target did, Home Depot is offering “free identity protection services, including credit monitoring” to any customer who shopped at the store from April 2014 onward.
What’s still unclear is how hackers were able to breach Home Depot’s computer network. In the case of Target, attackers gained remote access to its network by finding a vulnerable point-of-entry in the form of one of the retailer’s HVAC contractors. If that’s also the case here, as it’s been with other prominent companies that have been attacked, it’s yet another reminder of the need for more secure remote access.
Any time a mobile employee or endpoint accesses a corporate network remotely, instead of working within the safer confines of the immediate network, there’s a greater chance that an attacker could exploit a vulnerability if the proper network security measures aren’t in place. In order for a network administrator to map out a complete view of the network, including remote users, tools like centrally managed VPNs are critical. This way, if a breach is detected, an administrator can take immediate steps to halt the attack, from deprovisioning users to revoking network access.
As Home Depot rebuilds its network security infrastructure, this is just one of many steps it will need to take to prevent another attack.
Want to learn more about remote access VPN?
In Remote Access VPN For Dummies, we cover:
– The full VPN landscape, including hybrid IPsec/SSL VPN solutions
– The evolution of remote access VPN
– How to provide users with secure remote access
– How to simplify remote access VPN and reduce costs