Home > Free Essays > Tech & Engineering > Computer Security > Unauthorized Intrusion in TJX Companies
Cite this

Unauthorized Intrusion in TJX Companies Report


Executive Summary

The paper outlines a data breach report on an incident that took place on December 17, 2006, and involved the TJX Companies, Inc. (henceforth TJX). The incident affected the personal and credit information of more than 94 million customers of the company. TJX maintained custody of sensitive customer information while failing to keep abreast of security advances. It has been argued that the incident occurred due to outdated security protocol, which allowed intruders to access the organization’s Retail Transaction Switch (RTS) servers.

In addition to using WEP standard, the company also failed to install a firewall for proper protection of its WLANs. The paper recommends the company to migrate to WPA 2, incorporate Wireless Intrusion Protection System (WIPS), and eliminate other security lapses, thereby ensuring that intruders cannot access its system without being immediately detected and blocked.

Introduction

Information security breaches constitute a substantial threat for businesses; therefore, it is of utter importance to engage in the proper management of information technologies (IT) vulnerabilities to ensure that a company’s corporate standing is not undermined by external influences of malicious nature. To this end, IT security professionals have to conduct security assessments, train relevant stakeholders, manage security performance and breaches, and prepare security reports (Persse 146). The aim of this paper is to detail a report on an unauthorized intrusion into TJX. The paper will include a description of the event and provide recommendations for strengthening the security of the company’s IT assets.

Report

Summary of the Event

The unauthorized intrusion was registered on December 17, 2006 (OPC). The breach allowed the intruders to gain access to customer data.

Data

More than 94 million credit and debit card numbers were stolen by the intruders upon gaining access to the system (Ciampa 354). Additional customer information such as names, telephones, and drivers’ licenses were also accessed, collected, and retained by the intruders. Moreover, data concerning customer transactions in the following stores owned by TJX was compromised by the breach: T. J. Maxx, HomeGoods, A. J. Wright, Winners, HomeSense, and Marshalls (TJX).

Cost

At this point, the complete cost of the intrusion cannot be ascertained. Full information will be available after the involved credit companies and banks issue their reports.

Timing

The attackers accessed the company’s system in July 2005 (OPC). The first breach was registered on December 18, 2006 (OPC). The investigation of the intrusion started immediately. Five days later, several US, UK, and Canadian law enforcement agencies were informed about the intrusion.

Intruders’ Actions

It has been ascertained that the intruders accessed the data at one of the company’s subsidiaries—WMI located in Canada. The subsidiary owned 252 locations across the country (TJX). It is believed that the attackers accessed the RTS servers to steal personally identifiable information as well as credit and debit card numbers of the company’s customers. At the time of the first breach, the security management team was upgrading the company’s security standards from an outdated Wired Equivalent Privacy (WEP) standard to Wi-Fi Protected Access (WPA) standard, in accordance with the TJX’s internal security strategy (Ciampa 354).

The theft of data was performed by capturing wireless Local Area Network (LAN) transmissions in one of WMI outlets (Ciampa 354). The intruders had exploited weak protection of the network, which allowed them to place malware for processing and storing information.

Post-Incident Procedures

Upon discovery of the breach, all collection and retention of customer information were ceased. Security management started an immediate investigation of the incident to analyze the security of the company’s system. To minimize the risk of future breaches, vulnerabilities of the system were assessed. The cost of preventive measures will be calculated and presented in a separate report.

Analysis

The breach has shown a lack of security awareness in TJX. Taking into consideration, high costs of a credit card replacement, it is clear that the security compromise was associated with substantial damage to the company’s reputation. There is no denying that the breach was precipitated by the security team failed to transition to WPA standard. At the time of the intrusion, the company used WEP security protocol.

In 2003, the Institute of Electrical and Electronics IEEE issued a report that contained a recommendation to transfer to WPA standard (Chen et al. 49). It has to do with the fact that WEP does not have an embedded key management mechanism. In the case under discussion, the third parties explored one of the main vulnerabilities of the standard—initialization vector keys values of 24—to gain unauthorized access to the system.

Unlike WEP, WPA standard has an initialization vector size of 40, which prevents the change of key collision generation (Chen et al. 49). In addition, the key management mechanism of the protocol replaces keys when their lifetime reaches a predetermined limit. Furthermore, the standard is characterized by dynamic key encryption, which can further protect wireless communication channels.

Possible Actions and Recommendations

To address the security vulnerability that caused the incident, it is necessary to ensure that the company implements a comprehensive wireless security solution. To this end, a new transitional solution should be considered. Given that WPA has been developed “as an interim short-term solution to address the critical WEP vulnerabilities and was not seen as a long-term solution,” the company’s security team has to opt for a more reliable standard (Ciampa 361).

The company is recommended to transition to WPA 2, thereby making sure that attackers do not exploit numerous vulnerabilities of both WEP and WPA. The standard was recommended by IEEE as the second generation of original encryption product that is based on the Advanced Encryption Standard (AES) (Murphy 372). WPA 2 eliminates vulnerabilities of the previous standard in the areas of encryption and authentication by introducing a block cipher encryption algorithm, the Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP) and Remote Authentication Dial-in User Service (RADIUS).

To ensure that more sophisticated breaches do not take place in the future, it is not sufficient to migrate to a new security protocol. Rather, the company’s WLAN design has to incorporate the Wireless Intrusion Protection System (WIPS). The system is based on the notion of proactive security management and allows monitoring network traffic to identify categories and block unauthorized access (Ciampa 372).

Other actions that should be taken by the security team is to identify other weak points in the TJX’s security measures with the focus on RTS servers and WLANs. Conduct proper privacy and security training and monitor staff awareness of the privacy policy. It is also important to review the separation of duties and encrypt data both in rest and motion.

Conclusion

The paper has presented the report on the unauthorized intrusion in TJX that allowed access, collection, and retention of personal and credit data of more than 94 million customers. It has been argued that the breach occurred due to the failure of the company’s security team to update the security protocol. Based on the analysis of the incident, several response activities have been proposed.

Works Cited

Chen, Lei et al. Wireless Network Security: Theories and Applications. Springer Science & Business, 2013.

Ciampa, Mark. CWNA Guide to Wireless LANs. 3rd ed., Cengage Learning, 2012.

Murphy, George. Systems Security Certified Practitioner: Study Guide. Sybex, 2015.

OPC. “Priv.gc. Web.

Persse, James. The IT Service Management Process Manual. Van Haren, 2013.

TJX. “The TJX Companies, Inc. Victimized by Computer Systems Intrusion; Provides Information to Help Protect Customers.” Investor.tjx. Web.

This report on Unauthorized Intrusion in TJX Companies was written and submitted by your fellow student. You are free to use it for research and reference purposes in order to write your own paper; however, you must cite it accordingly.
Removal Request
If you are the copyright owner of this paper and no longer wish to have your work published on IvyPanda.
Request the removal

Need a custom Report sample written from scratch by
professional specifically for you?

Writer online avatar
Writer online avatar
Writer online avatar
Writer online avatar
Writer online avatar
Writer online avatar
Writer online avatar
Writer online avatar
Writer online avatar
Writer online avatar
Writer online avatar
Writer online avatar

301 certified writers online

GET WRITING HELP
Cite This paper

Select a referencing style:

Reference

IvyPanda. (2020, October 29). Unauthorized Intrusion in TJX Companies. Retrieved from https://ivypanda.com/essays/unauthorized-intrusion-in-tjx-companies/

Work Cited

"Unauthorized Intrusion in TJX Companies." IvyPanda, 29 Oct. 2020, ivypanda.com/essays/unauthorized-intrusion-in-tjx-companies/.

1. IvyPanda. "Unauthorized Intrusion in TJX Companies." October 29, 2020. https://ivypanda.com/essays/unauthorized-intrusion-in-tjx-companies/.


Bibliography


IvyPanda. "Unauthorized Intrusion in TJX Companies." October 29, 2020. https://ivypanda.com/essays/unauthorized-intrusion-in-tjx-companies/.

References

IvyPanda. 2020. "Unauthorized Intrusion in TJX Companies." October 29, 2020. https://ivypanda.com/essays/unauthorized-intrusion-in-tjx-companies/.

References

IvyPanda. (2020) 'Unauthorized Intrusion in TJX Companies'. 29 October.

More related papers