The paper outlines a data breach report on an incident that took place on December 17, 2006, and involved the TJX Companies, Inc. (henceforth TJX). The incident affected the personal and credit information of more than 94 million customers of the company. TJX maintained custody of sensitive customer information while failing to keep abreast of security advances. It has been argued that the incident occurred due to an outdated security protocol, which allowed intruders to access the organization’s Retail Transaction Switch (RTS) servers.
In addition to using the WEP standard, the company also failed to install a firewall to protect its WLANs. The paper recommends that the company migrate to WPA 2, incorporate a Wireless Intrusion Protection System (WIPS), and eliminate other security lapses, thereby ensuring that intruders cannot access its system without being immediately detected and blocked.
Information security breaches constitute a substantial threat for businesses; therefore, it is essential to manage information technology (IT) vulnerabilities properly so that a company’s corporate standing is not undermined by malicious external influences. To this end, IT security professionals have to conduct security assessments, train relevant stakeholders, manage security performance and breaches, and prepare security reports (Persse 146). The aim of this paper is to detail a report on an unauthorized intrusion into TJX. The paper will include a description of the event and provide recommendations for strengthening the security of the company’s IT assets.
Summary of the Event
The unauthorized intrusion was registered on December 17, 2006 (OPC). The breach allowed the intruders to gain access to customer data.
More than 94 million credit and debit card numbers were stolen by the intruders upon gaining access to the system (Ciampa 354). Additional customer information such as names, telephones, and drivers’ licenses was also accessed, collected, and retained by the intruders. Moreover, data concerning customer transactions in the following stores owned by TJX was compromised by the breach: T. J. Maxx, HomeGoods, A. J. Wright, Winners, HomeSense, and Marshalls (TJX).
At this point, the complete cost of the intrusion cannot be ascertained. Full information will be available after the involved credit companies and banks issue their reports.
The attackers accessed the company’s system in July 2005 (OPC). The first breach was registered on December 18, 2006 (OPC). The investigation of the intrusion started immediately. Five days later, several US, UK, and Canadian law enforcement agencies were informed about the intrusion.
It has been ascertained that the intruders accessed the data at one of the company’s subsidiaries—WMI located in Canada. The subsidiary owned 252 locations across the country (TJX). It is believed that the attackers accessed the RTS servers to steal personally identifiable information as well as credit and debit card numbers of the company’s customers. At the time of the first breach, the security management team was upgrading the company’s security standards from the outdated Wired Equivalent Privacy (WEP) standard to the Wi-Fi Protected Access (WPA) standard, in accordance with TJX’s internal security strategy (Ciampa 354).
The theft of data was performed by capturing wireless Local Area Network (LAN) transmissions in one of WMI’s outlets (Ciampa 354). The intruders had exploited weak protection of the network, which allowed them to place malware for processing and storing information.
Upon discovery of the breach, all collection and retention of customer information was stopped. Security management started an immediate investigation of the incident to analyze the security of the company’s system. To minimize the risk of future breaches, vulnerabilities of the system were assessed. The cost of preventive measures will be calculated and presented in a separate report.
The breach has shown a lack of security awareness in TJX. Taking into consideration the high costs of credit card replacement, it is clear that the security compromise was associated with substantial damage to the company’s reputation. There is no denying that the breach was precipitated by the security team’s failure to transition to the WPA standard. At the time of the intrusion, the company used the WEP security protocol.
In 2003, the Institute of Electrical and Electronics Engineers (IEEE) issued a report that contained a recommendation to move to the WPA standard (Chen et al. 49). The reason is that WEP does not have an embedded key management mechanism. In the case under discussion, the third parties exploited one of the main vulnerabilities of the standard—its initialization vector key values of 24—to gain unauthorized access to the system.
Unlike WEP, the WPA standard has an initialization vector size of 40, which prevents the chance of key collision generation (Chen et al. 49). In addition, the key management mechanism of the protocol replaces keys when their lifetime reaches a predetermined limit. Furthermore, the standard is characterized by dynamic key encryption, which can further protect wireless communication channels.
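The two paragraphs above turn on initialization vector (IV) size and the absence of key rotation. The following Python sketch is an added example, not part of the original report: it estimates how quickly IVs repeat and shows that a repeated IV under a static key reuses the same keystream. It assumes the sizes of 24 and 40 given above are bit widths, uses the RC4-based construction WEP is built on with the integrity value omitted, and all keys and frames are constructed sample values.

```python
import math

def rc4_keystream(key: bytes, length: int) -> bytes:
    """Standard RC4: key scheduling, then `length` bytes of keystream."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for _ in range(length):
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) % 256])
    return bytes(out)

def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def wep_style_encrypt(iv: bytes, shared_key: bytes, plaintext: bytes) -> bytes:
    # WEP seeds RC4 with IV || shared key for every frame (integrity value omitted).
    return xor_bytes(plaintext, rc4_keystream(iv + shared_key, len(plaintext)))

def frames_for_collision(iv_bits: int, probability: float = 0.5) -> int:
    """Birthday bound: frames with random IVs before a repeat is this likely."""
    space = 2 ** iv_bits
    return math.ceil(math.sqrt(2 * space * math.log(1 / (1 - probability))))

def keystream_exposed(iv_a: bytes, iv_b: bytes, key: bytes, p1: bytes, p2: bytes) -> bool:
    """True when XOR of the ciphertexts equals XOR of the plaintexts,
    meaning both frames were encrypted with the same keystream."""
    c1 = wep_style_encrypt(iv_a, key, p1)
    c2 = wep_style_encrypt(iv_b, key, p2)
    return xor_bytes(c1, c2) == xor_bytes(p1, p2)

# Constructed sample values, not taken from the incident.
KEY = bytes.fromhex("0102030405")  # static shared key that is never rotated
P1, P2 = b"frame-one-sample", b"frame-two-sample"

if __name__ == "__main__":
    for bits in (24, 40):
        print(f"{bits}-bit IV: 50% chance of a repeat after {frames_for_collision(bits)} frames")
    same = keystream_exposed(b"\x00\x00\x01", b"\x00\x00\x01", KEY, P1, P2)
    fresh = keystream_exposed(b"\x00\x00\x01", b"\x00\x00\x02", KEY, P1, P2)
    print("repeated IV reuses keystream:", same, "| fresh IV reuses keystream:", fresh)
```

Because the shared key never changes, the only per-frame variation is the IV, which is why both a larger IV space and periodic key replacement matter.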
Possible Actions and Recommendations
To address the security vulnerability that caused the incident, it is necessary to ensure that the company implements a comprehensive wireless security solution. To this end, a new transitional solution should be considered. Given that WPA has been developed “as an interim short-term solution to address the critical WEP vulnerabilities and was not seen as a long-term solution,” the company’s security team has to opt for a more reliable standard (Ciampa 361).
The company should transition to WPA 2 so that attackers cannot exploit the numerous vulnerabilities of both WEP and WPA. The standard was recommended by IEEE as the second generation of original encryption product that is based on the Advanced Encryption Standard (AES) (Murphy 372). WPA 2 eliminates vulnerabilities of the previous standard in the areas of encryption and authentication by introducing a block cipher encryption algorithm, the Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP) and Remote Authentication Dial-in User Service (RADIUS).
To ensure that more sophisticated breaches do not take place in the future, it is not sufficient to migrate to a new security protocol. Rather, the company’s WLAN design has to incorporate a Wireless Intrusion Protection System (WIPS). The system is based on the notion of proactive security management and allows monitoring network traffic to identify, categorize, and block unauthorized access (Ciampa 372).
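The identify, categorize, and block cycle of a WIPS can be sketched as follows. This Python code is an added example, not part of the original report and not any vendor's product logic: the inventory, SSID, BSSIDs, category names, and actions are all hypothetical placeholders, and the policy of accepting only WPA2 follows the recommendation above.

```python
from dataclasses import dataclass

# Constructed inventory and policy; every name and address is a placeholder.
CORPORATE_SSIDS = {"store-pos"}
AUTHORIZED_APS = {"02:00:00:00:00:01", "02:00:00:00:00:02"}
APPROVED_ENCRYPTION = {"WPA2"}

@dataclass
class Observation:
    bssid: str       # radio MAC address of the observed access point
    ssid: str        # network name it advertises
    encryption: str  # "OPEN", "WEP", "WPA" or "WPA2"

def classify(obs: Observation) -> tuple[str, str]:
    """Return (category, action) for one observed access point."""
    known = obs.bssid.lower() in AUTHORIZED_APS
    corporate = obs.ssid in CORPORATE_SSIDS
    if known and obs.encryption not in APPROVED_ENCRYPTION:
        return "authorized-misconfigured", "alert"  # our AP, weak protocol
    if known:
        return "authorized", "allow"
    if corporate:
        return "rogue", "block"    # our SSID from hardware we do not own
    return "external", "monitor"   # neighbouring network, not ours to block

def review(observations):
    """Categorize every observation and list the BSSIDs that need action."""
    results = {o.bssid: classify(o) for o in observations}
    actionable = sorted(b for b, (_, act) in results.items() if act in ("alert", "block"))
    return results, actionable

# Constructed sample scan, not data from the incident.
SAMPLE = [
    Observation("02:00:00:00:00:01", "store-pos", "WPA2"),
    Observation("02:00:00:00:00:02", "store-pos", "WEP"),
    Observation("02:00:00:00:00:99", "store-pos", "OPEN"),
    Observation("02:00:00:00:00:aa", "coffee-shop", "WPA2"),
]

if __name__ == "__main__":
    results, actionable = review(SAMPLE)
    for bssid, (category, action) in results.items():
        print(f"{bssid}  {category:<25} {action}")
    print("needs action:", actionable)
```

An authorized access point still running WEP is reported separately from a rogue one, since the response differs: the first is a configuration fix, the second is containment.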
The paper has presented the report on the unauthorized intrusion in TJX that allowed access, collection, and retention of personal and credit data of more than 94 million customers. It has been argued that the breach occurred due to the failure of the company’s security team to update the security protocol. Based on the analysis of the incident, several response activities have been proposed.
Chen, Lei et al. Wireless Network Security: Theories and Applications. Springer Science & Business, 2013.
Ciampa, Mark. CWNA Guide to Wireless LANs. 3rd ed., Cengage Learning, 2012.
Murphy, George. Systems Security Certified Practitioner: Study Guide. Sybex, 2015.
Persse, James. The IT Service Management Process Manual. Van Haren, 2013.
TJX. “The TJX Companies, Inc. Victimized by Computer Systems Intrusion; Provides Information to Help Protect Customers.” Investor.tjx. Web.