U.S. retailers to share cyber threat data after Target attack

BOSTON Tue Apr 15, 2014 1:41am IST

The sign outside the Target store is seen in Arvada, Colorado January 10, 2014. REUTERS/Rick Wilking/Files

The sign outside the Target store is seen in Arvada, Colorado January 10, 2014.

Credit: Reuters/Rick Wilking/Files

Related Topics



BOSTON (Reuters) - U.S. retailers are planning to form an industry group for collecting and sharing intelligence about cyber security threats in a bid to prevent future attacks in the wake of last year's big attack on Target Corp.

The National Retail Federation said on Monday it will establish an Information Sharing and Analysis Center, or ISAC, for the retail industry in June.

ISACs are industry groups that typically run security operations centers that operate around the clock, providing alerts about emerging threats to their members and sharing information provided by law enforcement and other government agencies.

They are set up under terms of a 1998 U.S. presidential directive to foster sharing of security information between the public and private sector.

There are more than a dozen such organizations among industries including financial services, emergency services, healthcare, technology companies, public transportation and utilities.

The financial services industry ISAC, which is widely considered the most successful group of its type, will help retailers set up the new organization.

Retailers have been under pressure from Congress and consumers to bolster security since the attack on Target, which resulted in the theft of some 40 million payment card numbers and another 70 million customer records, which were uncovered late last year.

After the breach was uncovered, retailers privately complained that they had difficulty obtaining information from law enforcement about what had happened and how to thwart follow-on attacks.

In January, the Department of Homeland Security produced a report titled "Indicators for Network Defenders" that contained information about its secret investigation into the Target breach. It was released through the Financial Services ISAC and other routes, but some retailers had trouble obtaining it because the industry lacked an established group for sharing information on cyber threats.

The new ISAC will also allow retailers to share tips on fighting hackers, which the industry hopes might prevent future attacks and make consumer data more secure.

"It will allow them to talk to each other about things are hitting them, to know quickly if other people are experiencing the same things and if they've found good defenses that they can tell each other about," said Alan Paller, founder of SANS Institute, a non-profit group that trains security professionals.

(Reporting by Jim Finkle; Editing by Cynthia Osterman and Chizu Nomiyama)

Comments (0)
This discussion is now closed. We welcome comments on our articles for a limited period after their publication.

  • Most Popular
  • Most Shared


Reuters Showcase

New iPhone

New iPhone

New Apple iPhone to have "mobile wallet" function - Bloomberg  Full Article 

Wearable Gadgets

Wearable Gadgets

Swatch prefers go-it-alone route for smartwatch plans.  Full Article 

Google Drones

Google Drones

Google tests drones for deliveries.  Video 

Hot Commodity

Hot Commodity

Data scientists are increasingly becoming important to the world's tech companies.  Video 

Reuters India Mobile

Reuters India Mobile

Get the latest news on the go. Visit Reuters India on your mobile device.  Full Coverage