Masquerade Attack
Masquerade Attack
Many of us still remember when Target experienced a massive credit card breach affecting over forty million customer accounts. The states’ investigation into the breach revealed that attackers stole the credentials of Target’s HVAC contractor, Fazio Mechanical Services. After using the third-party vendor’s details to get into Target’s internal web application, they installed malware on the system and captured names, phone numbers, payment card numbers, credit card verification codes and other highly sensitive information.
What you need to know: A masquerade attack happens when a bad actor uses a forged or legitimate (but stolen) identity to gain unauthorized access to someone’s machine or an organization’s network via legitimate access identification. Depending on the level of access the permissions provide, masquerade attacks could give attackers access to an entire network.
Comments
Post a Comment