Chances are you have heard about the data breach at Target that occurred late last year, in which customers’ information including credit card numbers were obtained through a cyberattack.
The details are still under investigation, and the results of what is found could have a major impact on both network and credit card security. During this ongoing investigation, information about the attack has been appearing online and in the media. Some of this information has been fairly accurate, while other parts have been speculation. For example, the website www.KrebsOnSecurity.com revealed that the credentials to access the Target network were stolen from an HVAC and refrigeration contractor. This information appears to be accurate, but the site then went on to speculate that the contractor may have had access to the Target network in order to monitor the control systems for HVACR and refrigeration. That turned out to be false; the contractor had access to get work orders and to submit invoices. But even having this issue raised has caused concern for many owners about control systems being a potential security weakness.