Hannaford to spend 'millions' on IT security upgrades after breach
CEO and CIO say grocer will encrypt payment card data, add new monitoring capabilities
Computerworld - Executives at Hannaford Bros. Co. said today that the grocer expects to spend "millions" of dollars on IT security upgrades in the wake of the recent network intrusion that resulted in the theft of up to 4.2 million credit and debit card numbers from its systems.
The planned upgrades include the installation of new intrusion-prevention systems that will monitor activities on Hannaford's network and the individual systems at its stores, plus the deployment of PIN pad devices featuring Triple DES encryption support in store checkout aisles.
Hannaford also has signed on IBM to do around-the-clock network monitoring under a managed security services deal, according to Ron Hodge, the grocer's president and CEO, and Bill Homa, its CIO. In addition, the Scarborough, Maine-based company had said previously that it had replaced all of the servers in its stores as part of an effort to rid its network of malware that was placed on them during the intrusion.
Hodge said during a press conference this morning that Hannaford is working with IBM, General Dynamics Corp., Cisco Systems Inc. and Microsoft Corp. on the upgrade program, which is aimed at putting "military- and industrial-strength" security controls in place. The total price tag for the security upgrades will be "a big number," he added, although the exact cost has yet to be determined. "It's going to be millions, but not tens of millions," Hodge said.
The only specific cost that he broke out was about $5,000 per store for the host-based intrusion-prevention tools that will be installed on local systems. Hannaford said previously that the data breach involved payment card transactions processed at nearly 300 stores — all of its 165 supermarkets in New England and New York, plus 106 stores operated under the Sweetbay name in Florida and 23 independently owned markets that sell Hannaford products. If the intrusion-prevention technology is deployed at each of those locations, the tab for that part of the upgrade program alone would amount to $1.5 million.
Hannaford disclosed on March 17 that unknown intruders had broken into its computer network and stolen the credit and debit card numbers as well as their expiration dates. In a letter sent to Massachusetts officials eight days later, the company said that the perpetrators had planted malware on the servers at each of the 294 affected stores.
The malware intercepted the card data as it was being transmitted from point-of-sale systems to authorize transactions, then forwarded the information in batches to a server located overseas, according to Hannaford. The incident at the grocery chain and a similar one reported two weeks later by the Okemo Mountain Resort ski area in Vermont indicate that cybercrooks are now targeting data that's in transit between systems, when it may not be encrypted or as well protected as stored data is.
- Step Out of the Bull's-Eye Learn about the evolution of targeted attacks, the latest in security intelligence, and strategic steps to keep your business safe.
- Using Cyber Insurance and Cybercrime Data to Limit Your Business Risk This paper examines the challenges of understanding cyber risks, the importance of having the right cyber risk intelligence, and how to use this...
- 5 Tips to Secure Small Business Backdoors in the Enterprise Supply Chain This paper examines the insecurity of the small businesses in the supply chain and offers tips to close those backdoors into the enterprise.
- Comprehensive Advanced Threat Defense The hot topic in the information security industry these days is "Advanced Threat Defense" (ATD). This paper describes a comprehensive, network-based approach to...
- Live Webcast Security Vulnerabilities Associated With Having Local Administrator Privileges Viewfinity will demonstrate how removing admin rights and granularly managing privileges at the application level reduces the attack surface.
- Security Vulnerabilities Associated With Having Local Administrator Privileges Viewfinity will demonstrate how removing admin rights and granularly managing privileges at the application level reduces the attack surface.
- Keep Servers Up and Running and Attackers in the Dark An SSL/TLS handshake requires at least 10 times more processing power on a server than on the client. SSL renegotiation attacks can readily... All Cybercrime and Hacking White Papers | Webcasts