|
|
|
 |
|
The Threat to Your Company from Devices
|
- It is easy to get high-capacity removable storage devices inside your company and connect them to your network endpoints
- Devices are small, cheap and impossible to trace and find
- Easy to copy large amounts of data and remove from your company
- Over 30,000 different types of USB products exist…
- Almost 1.5 billion USB devices shipped in 2005; over 3 billion sold to date
- Over 32 million iPods sold in 2005 - each a potential 40GB HD...
- New smart USB devices are appearing all the time
- U3 USB devices, USB Linux servers, USB autorun devices, Wireless USB, ...
- Other devices can easily connect to your network
- Wireless network adapters, 3G cards create uncontrolled entry points (‘bridges’)
- Synchronizing PDAs/smartphones create potential gateways off your endpoints
|
|
|
|
|
Threat Statistics, Facts & Recent Incidents
|
- "39% of USB drive owners use them to transfer files between home & work." – C3 (2005)
- "In the past 12 months 37% of businesses reported the unauthorized disclosure of corporate information via removable USB drives." – Yankee Group (2005)
- "Data theft accounted for $50B in losses [in 2004] in the US alone." – The Economist (2005)
- 50% of security incidents originate from within an organization.” – 2005 FBI/CSI Computer Crime & Security Survey
- A DoK with top-secret US military information about local spies and informants was sold for $40 at a bazaar in Afghanistan
- A temp employee of a French aircraft equipment manufacturer copied confidential data to a DoK and sold it to a competitor in China
- Data was stolen from Sumitomo Bank in London using HW keyloggers connected to the USB keyboard on a number of the bank’s PCs
- A Postal Service Bank in Israel was robbed using a wireless USB modem connected by the thieves to the bank’s server
|
|
|
|
|
From The Press...
|
- "Memory keys – a clear and present danger [...] They’re small, they’re dangerous, they’re undetectable – and they’re being given out free at conferences. Welcome to the terrifying world of the USB memory drive." – Financial Times, June 2005
- "Attack of the iPods [...] MP3 players are not just for music anymore, and if you’re not careful, some unscrupulous person could steal confidential documents or plant spyware and viruses." – CSO Update, May 2006
- "Warnings over USB memory sticks [...] Smart phones, iPods and USB memory sticks are posing a real risk for businesses, warn security experts." – BBC News, April 2006
- "USB is not the only way [to expose Windows vulnerabilities]; FireWire, WiFi, BlueTooth and the like may pose potential threats as well." – PC Magazine, 2005
|
|
|
|
|
Continue to next page »
|
|
|
|
