[Head416]

I worked in IT infrastructure in a grocery store, with about 5% the revenue of Target. From the Internet to our web servers there was a firewall, then from there to the internal company network another firewall, then from our internal private network to the payment system network, another firewall. (This is a very simplified description.)

Simply compromising our public web server would not have allowed you to push software to the POS terminals. In addition to Cisco's ability to prevent and detect intrusion (which is far from perfect) all traffic passed through another system that monitored and blocked suspicious traffic (Tipping Point, if anybody is interested.) With Target's money, I'm sure their security made ours look like child's play.

I cannot for the life of me think how this could have been achieved, unless they had somebody on the inside. Even then it's hard to imagine. The most likely source I can think of would be the vendor that provided our POS terminals and their software, which would be hard to imagine. These people are obviously much more skilled than I am.