What problem does Two-Factor Authentication (2FA) solve?
Written by Patrick Townsend
The data breach at Target started in a typical way. The attackers planted malware on a user's PC via a phishing attack, captured a password, and used that password as the entry point to work their way into the Target corporate network. In this case, the stolen user credential was at a service provider to Target, not one of Target's own users. But that's immaterial. The attack method was very typical: steal a user credential to log into a system, and enter into the critical systems from there. You don't have to actually start by stealing the credentials to the most sensitive system. You can start at the periphery and work your way in.