The IT Law Wiki
The IT Law Wiki

Citation[]

U.S. Senate, Committee on Commerce, Science and Transportation, A "Kill Chain" Analysis of the 2013 Target Data Breach (Mar. 26, 2014) (full-text).

Overview[]

This report analyzes what has been reported to date about the Target data breach, using the "intrusion kill chain" framework, an analytical tool introduced by Lockheed Martin security researchers in 2011, and today widely used by information security professionals in both the public and the private sectors. This analysis suggests that Target missed a number of opportunities along the kill chain to stop the attackers and prevent the massive data breach.