The retailer's security pros should have been able to shut down the attack relatively easily had officials acted on the warnings, sources told Bloomberg. Target's Symantec Endpoint protection software also detected the "absolutely unsophisticated and uninteresting" malware early on and pointed to the same server identified by the FireEye alerts, the report said.
The FireEye system could have been configured to automatically remove the threat, but apparently because the software was new and untested at Target, the feature wasn't activated.
Such incidents show why IT operations can't depend on technology alone to secure business networks, said Gartner analyst Avivah Litan. Companies also need strong security policies and processes for managing systems -- and for dealing with alerts, she said.
"In this case, Target apparently fell short on process and policies -- they had the technology piece down," Litan noted.
She added that Target's response is typical for large organizations. "In fact, I have heard several times and from several sources that in the case of each large breach over the past few years, the alarms and alerts went off but no one paid attention to them."
Jeremy Kirk of the IDG News Service contributed to this story.
Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld.