Walmart Cyber Security Attack

Certain documents relating to a wave of 2005-2006 cyber attacks on Wal-Mart—the United States' largest retailer—has just been released.

It shows that the company is among the

earliest targets of hackers who were specifically after the bank-card-processing systems of brick-and-mortar stores way back in 2005.

The information about the system exploit as well as Wal-Mart's difficulties in reconstructing these past events has shed some new light on the exposed condition of retail security at the time despite the placement of payment-processing regulations since the beginning of the decade.

During the period when the attacks occurred, other similar assaults featuring the same modus operandi were happening at Dave & Buster's restaurants, TJX, and many other corporations, which eventually resulted in about one hundred million cards being compromised at the time.

A twenty-eight-year-old Miami resident by the name of Albert Gonzalez pleaded guilty this October to carrying out many of these intrusions as well as facing unsettled indictments for the remaining cases.

Wal Mart compromised and breached in November 2006

All the same, after many months of undetected break-ins since 2005, the Wal-Mart breach really started unraveling on November 5, 2006, after the retail giant's IT security department was brought in to investigate a suspicious server crash.

The dubiousness of the crash rooted from the fact that someone had installed L0phtrack (a password-cracking program) onto the system itself, which made the incident anything but a routine event.

In fact, it was the intruders' attempts at launching the program that caused the crash in the first place.

Investigators discovered that the application had been remotely installed by a person utilizing a generic VPN network administrator account that was assigned to an ex-Wal-Mart employee from Canada that the IT department failed to suspend after the worker left the company.

According to the documents, during the time that the server crashed, the hacker was able to connect to the retailer's network for seven hours straight from an IP address originating in Minsk.

Wal-Mart representatives declined to comment about the initial date of the breach, the server logging, or the conclusions the company itself has gleaned from its last report. Nevertheless, Wal-Mart's security team was able to discern about eight hundred machines that the hacker either attempted to brute force through or actually connected with in accordance to a November 10, 2006 email message that sums up the initial parts of the investigation.