Data theft

Data theft

Data theft is a growing problem primarily perpetrated by office workers with access to technology such as desktop computers and hand-held devices capable of storing digital information such as USB flash drives, iPods and even digital cameras. Since employees often spend a considerable amount of time developing contacts and confidential and copyrighted information for the company they work for, they often feel they have some right to the information and are inclined to copy and/or delete part of it when they leave the company, or misuse it while they are still in employment.

While most organizations have implemented firewalls and intrusion-detection systems very few take into account the threat from the average employee that copies proprietary data for personal gain or use by another company.[citation needed] A common scenario is where a sales person makes a copy of the contact database for use in their next job. Typically this is a clear violation of their terms of employment.

The damage caused by data theft can be considerable with today's ability to transmit very large files via e-mail, web pages, USB devices, DVD storage and other hand-held devices. Removable media devices are getting smaller with increased hard drive capacity, and activities such as podslurping are becoming more and more common. It is now possible to store more than 160 GB of data on a device that will fit in an employee's pocket, data that could contribute to the downfall of a business.

Contents

Types of data theft

Thumbsucking

Thumbsucking, similar to podslurping, is the intentional or unintentional use of a portable USB mass storage device, such as a USB flash drive (or "thumbdrive"), to illicitly download confidential data from a network endpoint.[1]

The moniker is derived from the act of downloading, or "sucking", data from a network endpoint onto a USB flash drive or similar storage device.

A USB flash drive was allegedly used to remove without authorization highly-classified documents about the design of U.S. nuclear weapons from a vault at Los Alamos.[2]

The threat of thumbsucking has been amplified for a number of reasons, including the following:

  • The storage capacity of portable USB storage devices has increased.
  • The cost of high-capacity portable USB storage devices has decreased.
  • Networks have grown more dispersed, the number of remote network access points has increased and methods of network connection have expanded, increasing the number of vectors for network infiltration.
  • Pod Slurping
  • Bluesnarfing
  • Sneakernet
  • Data spill

References

  1. ^ http://www.thumbsuckingthreat.com/index.html
  2. ^ Zagorin, Adam "A breach in nuclear security." Time, April 19, 2007. Retrieved April 21, 2007

External links


Wikimedia Foundation. 2010.

Игры ⚽ Нужно сделать НИР?

Look at other dictionaries:

  • Data erasure — (also called data clearing or data wiping) is a software based method of overwriting data that completely destroys all electronic data residing on a hard disk drive or other digital media. Permanent data erasure goes beyond basic file deletion… …   Wikipedia

  • Data management — comprises all the disciplines related to managing data as a valuable resource. Contents 1 Overview 2 Topics in Data Management 3 Body Of Knowledge 4 Usage …   Wikipedia

  • Data breach — A data breach is the intentional or unintentional release of secure information to an untrusted environment. Other terms for this phenomenon include unintentional information disclosure, data leak and also data spill. Incidents range from… …   Wikipedia

  • Theft — In criminal law, theft (also known as stealing or filching) is the illegal taking of another person s property without that person s freely given consent. As a term, it is used as shorthand for all major crimes against property, encompassing… …   Wikipedia

  • theft — n [Old English thiefth]: larceny; broadly: a criminal taking of the property or services of another without consent ◇ Theft commonly encompasses by statute a variety of forms of stealing formerly treated as distinct crimes. grand theft: theft of… …   Law dictionary

  • Data loss — is an error condition in information systems in which information is destroyed by failures or neglect in storage, transmission, or processing. Information systems implement backup and disaster recovery equipment and processes to prevent data loss …   Wikipedia

  • Data spill — is a somewhat ironic term, derived from such phrases as oil spill, toxic or hazardous waste spill, etc. , for the unintentional release of secure information to an insecure environment. Other terms for this type of incident are data breach, data… …   Wikipedia

  • theft — noun ADJECTIVE ▪ petty ▪ grand (AmE) ▪ attempted (esp. BrE) ▪ the crime of attempted theft ▪ large scale, outright …   Collocations dictionary

  • Data discrimination — Network Neutrality Related issues and topics Automatic telephone exchange Data discrimination End to end principle Internet Protocol Tiered Internet Bandwidth Throttling …   Wikipedia

  • Data Fellows Corporation — F Secure Corporation Unternehmensform AG Gründung 1988 Unternehmenssitz …   Deutsch Wikipedia

Share the article and excerpts

Direct link
Do a right-click on the link above
and select “Copy Link”