T.J. Maxx Data Theft Likely Due To Wireless 'Wardriving'

Industry analysts suggest data on some 45 million credit and debit cards could have been poached by a thief with a laptop, a telescope antenna, and a wireless LAN adapter.

By Larry Greenemeier, InformationWeek
May 9, 2007 05:00 PM

TJX, the parent company of T.J. Maxx, Marshalls, and other retailers, has not acknowledged how data on more than 45 million credit and debit card users who had shopped at the company's retail locations was stolen and sold to fraudsters. Still, a recent article in the Wall Street Journal fingering a wireless data poaching tactic known as "wardriving" and the deficiencies of an aging wireless security protocol known as Wired Equivalent Privacy as the culprits has ignited a storm of speculation among security researchers over how the crime was pulled off and who's to blame.
It's likely that the cyber attacker or attackers who stole millions of customer records from TJX stumbled across a vulnerable store location while staking out a strip mall or shopping center from their car using a laptop, a telescope antenna, and an 802.11 wireless LAN adapter. "The cyber thieves most likely went to a strip mall shopping center and pointed it at the different stores," says Mark Loveless, senior security researcher for network-access control technology vendor Vernier, who goes by the online handle of "Simple Nomad." While the TJX store wasn't likely at the top of their list, they found that it was accessible and yielded information they could use to further penetrate TJX's IT systems. "The allure was too good to pass up," he adds.

Wardriving describes the practice of driving around with a laptop and antenna to detect wireless access points and see how they're configured. When a global positioning system receiver is added, a map can be made of the different access points. A telescope antenna lets wireless poachers attack their targets from miles away; they don't even have to be sitting in the store's parking lot. Competitions at past Black Hat security conferences have seen some wardriving systems detect wireless data up to 45 miles away, Loveless says.

"Once the attacker is connected into the wireless network, they can sniff traffic to see what data's going where," Loveless says. For example, an attacker might see that all applications are being logged to a central server, such as barcode scanning software accessing a SQL database. "So that's where you concentrate your efforts," he adds. Eventually, an attacker is able to compromise a PC, a domain name system server, or VPN servers.

This sort of attack happens all the time, according to Loveless and a number of other security researchers. What makes the TJX hit so special is the sheer volume of information stolen.
This means that time is also a factor in understanding how the attack was perpetrated. Given that data can only move across a network so fast, it would have taken the cyber thieves hours to sit in their parked car and download tens of millions of records. More likely, "they set up a machine at home or on the Net that used some of the stolen information to break in and steal more," Loveless says.

"If they indeed broke into the system through this Marshalls store (as reported), one can easily imagine the store was not storing 45 million credit card records there," agrees Cedric Blancher, head of European Aeronautic Defence and Space Company's computer security research department in France and a specialist in wireless security.

Further, since the initial attack against TJX required the cyber thieves to be in the proximity of a TJX store, it's unlikely that they were involved in an international conspiracy to steal customer data. "I highly doubt that the Russian mafia flew overseas and sat with a directional antenna trying to grab this information," Loveless says. "It was probably done by people living right here in this country." Once the information was stolen, however, all bets are off, as the customer data could have appeared in countless underground marketplaces where purloined data is bought and sold.

Yet wardriving is not foolproof. In fact, it relies on weak security to be effective. Often, "when a company puts in wireless, they don't put it in securely," Loveless says. "They forget that wireless is yet another way in, inviting people to come in through a side window."

Security researchers say that, if TJX was securing the Marshalls location using Wired Equivalent Privacy, or WEP, it was using an outdated protocol that's notorious for allowing small amounts of data to leak from data packets flowing across a wireless network. "If you sniff the traffic, you'll find those bits going back and forth across the network," Loveless says.
Companies that have already invested in access points supporting WEP might be reluctant to replace this equipment with new equipment that supports WPA or WPA2, he acknowledges. Still, security pros have for years known about WEP's deficiencies, in particular its propensity to give up its encryption key when attacked. While the technology has improved over the years, so have the techniques for attacking it. In April, an attack published by security researchers to the Web reduced the time to crack WEP encryption from about 30 minutes to as quickly as one minute, Blancher says. "In standard WEP, every device uses the same key," he adds. "If an attacker breaks the key, he has complete control of the network."

Page 2: Protecting Wireless Networks
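The two paragraphs above make one practical point for anyone running store or office wireless: WEP hands every device the same recoverable key, and the fix is to move the access points to WPA2. The script below is an added example, not code from the article, from TJX or from any vendor it names. It parses access point configurations written in the hostapd key=value style, flags any radio still set to WEP or left open, and shows the WEP setting beside the WPA2 setting that replaces it. The key names used (`ssid`, `wep_default_key`, `wep_key0`, `wpa`, `wpa_key_mgmt`, `wpa_passphrase`, `wpa_pairwise`, `rsn_pairwise`) are real hostapd configuration keys; the two configuration texts, the SSID and the passphrase placeholder are constructed for the example, and the script does not assume any hostapd defaults for keys that are absent.

```python
"""Audit wireless access point configurations for the weakness the article
describes: WEP gives every device one shared key, so the whole network falls
once that key is recovered.

Added example; not code from the article or from TJX.  The configuration
texts below are constructed; the key names are real hostapd keys.
"""

from dataclasses import dataclass

# Constructed: a store access point still running WEP (the weak setting).
WEAK_CONFIG = """\
interface=wlan0
ssid=STORE-POS
hw_mode=g
channel=6
wep_default_key=0
wep_key0=0123456789
"""

# Constructed: the same access point moved to WPA2 with AES-CCMP only.
HARDENED_CONFIG = """\
interface=wlan0
ssid=STORE-POS
hw_mode=g
channel=6
wpa=2
wpa_key_mgmt=WPA-PSK
wpa_passphrase=replace-with-a-long-random-passphrase
rsn_pairwise=CCMP
"""


@dataclass
class Finding:
    ssid: str
    mode: str        # "open", "WEP", "WPA", "WPA2", "WPA/WPA2" or "unknown"
    cipher: str      # pairwise ciphers found, e.g. "CCMP" or "CCMP/TKIP"
    acceptable: bool
    reason: str


def parse_hostapd(text: str) -> dict:
    """Parse key=value lines, ignoring blank lines and '#' comments."""
    conf = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, _, value = line.partition("=")
        conf[key.strip()] = value.strip()
    return conf


def classify(conf: dict) -> Finding:
    """Decide what protection one access point offers and whether it is acceptable."""
    ssid = conf.get("ssid", "<no ssid>")

    # hostapd enables WEP when a default key index or any wep_keyN is present.
    if "wep_default_key" in conf or any(k.startswith("wep_key") for k in conf):
        return Finding(ssid, "WEP", "", False,
                       "WEP: one shared key for every device, recoverable from sniffed traffic")

    wpa = conf.get("wpa", "0")
    if wpa == "0":
        return Finding(ssid, "open", "", False, "no encryption at all")

    # wpa=1 selects WPA only, wpa=2 selects WPA2 (RSN) only, wpa=3 allows both.
    mode = {"1": "WPA", "2": "WPA2", "3": "WPA/WPA2"}.get(wpa, "unknown")
    ciphers = set()
    if wpa in ("1", "3"):
        ciphers.update(conf.get("wpa_pairwise", "").split())
    if wpa in ("2", "3"):
        ciphers.update(conf.get("rsn_pairwise", "").split())
    cipher = "/".join(sorted(ciphers))

    if mode == "WPA2" and ciphers == {"CCMP"}:
        return Finding(ssid, mode, cipher, True, "WPA2 with AES-CCMP and per-session keys")
    if "TKIP" in ciphers or mode in ("WPA", "WPA/WPA2"):
        return Finding(ssid, mode, cipher, False,
                       "WPA or TKIP still permitted; restrict to WPA2 with CCMP only")
    return Finding(ssid, mode, cipher or "unspecified", False,
                   "pairwise cipher not set explicitly; pin rsn_pairwise to CCMP")


def audit(configs: dict) -> list:
    """Run the check over a name -> configuration text mapping."""
    return [classify(parse_hostapd(text)) for text in configs.values()]


def report(findings) -> str:
    """Render findings as one line per access point."""
    lines = []
    for f in findings:
        status = "OK  " if f.acceptable else "FAIL"
        lines.append(f"{status} {f.ssid:<12} {f.mode:<9} {f.cipher or '-':<10} {f.reason}")
    return "\n".join(lines)


if __name__ == "__main__":
    print(report(audit({"weak": WEAK_CONFIG, "hardened": HARDENED_CONFIG})))
```

Run against a directory of exported access point configurations, the report gives a quick inventory of which radios still match the WEP situation the researchers describe. The check is deliberately strict: a mixed WPA/WPA2 setting that keeps TKIP is reported as a failure, because the only configuration that removes the shared-key problem outright is WPA2 with CCMP alone.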