Endpoint Protector Appliance: Stop data theft on Windows and Mac

Famous cases of data breaches: comercial secrets of Credit Suisse go to Goldman Sachs

May 7th, 2013 by Cristina (0) Data Theft & Loss,Default,DLP,security breach

Swiss bank Credit Suisse accused its former vice president of emerging markets Agostina Pechi, hired by the U.S. investment bank Goldman Sachs of theft of trade secrets, reports Bloomberg.

Credit Suisse has filed a complaint in a Manhattan court sustaining that the information was stolen in an attempt to win customers for Goldman Sachs.

In February and March, Pechi secretly sent e-mails with customer lists and other confidential banking information from her work account to her personal account. She also printed important documents relating to transactions, late at night,  when she was officially away on vacation, says the complaint filed by Credit Suisse  on the 3rd of May 3.

Pechi earned 950,000 dollars last year and lives in New York. She resigned from Credit Suisse on the 2nd of April, informing she accepted a job at Goldman Sachs in New York.

“Pechi decided to steal confidential information from Credit Suisse and contact details she gathered during the time spent at Credit Suisse. She plans to use the data to compete with Credit Suisse and share them with her new employer, specifically targeting the Swiss bank’s clients, “said  the complaint.

A spokesman for Goldman Sachs declined to comment, and Pechi could not be reached.

Funny thing is Goldman Sachs hasn’t been exempted from data thefts from ex-employees!

Hope for the best, but expect the worst

March 29th, 2013 by Cristina (0) Data Theft & Loss,DLP,security breach

This also goes for companies when we’re talking about protecting their most valuable capital: DATA….CONFIDENTIAL DATA. At least at one point in their business activity they thought competition or other third parties are going to find out the secret of their success…the “secret Coca-Cola ingredient”!

Think about the fact that some IT admins used to Super Glue USB ports so that employees couldn’t plug in USB sticks to copy data and infect the computers with viruses. Crazy, huh? (Yet when I think about the data breaches that occured lately, it’s understandable). Even if they don’t use Super Glue anymore, they do it through software and there are still many companies that, out of too much caution, ask their IT people to simply block all transfers of files. This is both annoying and counterproductive for users, since the business environment nowadays requires high mobility for fast response times. This doesn’t mean they should just leave confidential data and exit points unprotected and unsupervised. Don’t get me wrong! Maybe I’m just pointing out the obvious, but they should allow legitimate file transfers and block dangerous file transfers, instead of blocking the activity of all users. In one word: FILTERING.

With Data Loss Prevention solutions you can set filters at the endpoint level: filters by File Type (Word, Excel, PDF, PowerPoint, exe, jpg, etc.), filters by Personal Data (emails, phone numbers, SSNs, credit card numbers, etc.) and even filters by Custom Content (for instance I can define a filter that will prevent all my users from sending files containing the word ‘dog’ inside). You can basically control every word that goes out of the company network, whether by email, social media, instant messaging, file sharing applications, Dropbox, iCloud, USB drive, external HDD, CD/DVD, zip drive, etc., all you can think of.

My point is you have to be on the safe side without taking it to the extremes: hope for the best (security conscious, well-intended, employees) but expect the worst (be prepared to face any security threat).

We will talk more in depth about filtering and Data Loss Prevention in a future post. To Be Continued…

Not another lost USB stick?!

New victims, same old story…. An unprotected USB stick containing private information of Canadian residents went missing from an office of Human Resources and Skills Development in Gatineau, Quebec.

The drive was storing the names, social insurance numbers, dates of birth and loan balances of 583000 students who had borrowed money between 2000 and 2006.

The internal investigation on the affair started only two months after the discovery of the loss of the stick (Nov. 5th) and a notification was sent to the victims only last Friday.

So the question remains: Are we ever going to learn from others’ mistakes? Especially now that Device Control, Data Loss Prevention and USB encryption software has been around for ages and it’s virtually in everybody’s reach.

An officer of the Canadian Army sold informations to the Russians for $3000 per month

Jeffrey Paul Delisle, ex sub-lieutenant of the Navy Intelligence admitted that the spying charges against him were true. According to prosecutor Lyne Decarie, he willingly entered the Russian Embassy in 2007 to offer to sell confidential military information. Apparently, he was getting around $3000 per month for his services, but he declares he wasn’t doing it for the money, but for’ ideological reasons’.

He was asked to copy references about the Russians from his work PC to an USB stick, then he took the stick home and uploaded the data to an email application to share it with the people paying him.

You can find more info on this high-level spying affair here:

http://www.huffingtonpost.com/huff-wires/20121010/cn-canada-navy-spy-case/

How to steal the plans of the Elysée palace? On an USB stick!

This Sunday an incident of the most common happened at the Lyon train station in Paris: a thief disappeared an USB stick from a car. Nothing special here, this kind of things happen everyday!

What makes this incident so special is the info stored on the memory stick. The owner of the key is an entrepreneur involved in an installation of fiber optic at some important buildings in Paris. His USB stick contained the highly confidential plans of the Elysée palace, the Internal Affairs Ministry and the Paris Police. The worst is that the stick was not encrypted, so the thief has full access to all the documents!

The questions we need to ask now is: did the thief know beforehand what type of info was on the stick or did he steal that precise stick just by accident?

“there is always an idiot around who doesn’t think much about the thumb drive in their hand”

Stuxnet, the worm created by the US and Israel for breaking down Iran’s nuclear plant Natanz got out of their control

An article published today in the New York Times shows that the Stuxnet virus-written and deployed by the US and Israeli government-targeting the Iranian nuclear plant Natanz got out in the wild. It seems that the purpose of the code was to set back the Iranian nuclear research program by commanding the control hardware responsible for the spin rate of the centrifuge equipment. The important aspect of this is the fact that the worm only targeted this specific nuclear plant, it was never intended to spread on the Internet.

The network at Natanz is air-gapped, which made it very difficult for the people who made the plan to introduce the code into the network. They needed someone with physical access to the site to get the worm inside through thumb drives (this is also the manner how the first versions of the worm were distributed). To quote one of the architects of the plan: ‘It turns out there is always an idiot around who doesn’t think much about the thumb drive in their hand.’

The way Stuxnet spread outside Natanz’s network is most probably on a laptop. Fortunately, security researchers were able to annihilate it.

EU to Establish Cybercrime Centre

March 29th, 2012 by Agent Smith (0) Data Theft & Loss,Identity Theft,security breach

The European Union is planning to create and launch a European Cybercrime Centre by January 2013. The centre, a proposal of the European Commissions, will operate within Europol, the continent’s police agency and will deal with online banking fraud, attacks against smartphones and other large scale types of attacks which are directed against public services and infrastructure. Read more

Nuclear Plant Safety Test Details Lost by Office of Nuclear Regulation Rep

February 21st, 2012 by Agent Smith (0) Data Theft & Loss,DLP,endpoint security,security breach

A data breach caused when an Office for Nuclear Regulation official lost an USB memory containing details about safety tests at the Hartleport power plant is currently being investigated by the authorities. While the memory stick was caring only safety “stress-test” not “significantly sensitive” data, none of the files stored had been encrypted. The stress tests the lost portable device stored are currently being carried out at European nuclear power plants in an attempt to prevent future disaster, like the nuclear disaster at Fukushima power plant caused by the Japan earthquake last year.

According to an official ONR statement, the reports contained by the memory stick would have been made public after their completion, yet the office completely forbids the use of unencrypted devices for transporting documents with security classification. This means that the official responsible for the breach has broken ONR security regulations. The Hartlepool plant, operated by EDF Energy, confirmed the lost USB stick did not have important data. They also mentioned that when they would have been published, the results of the tests would have been less detailed. Read more

Three recently disclosed data breaches share common cause – stolen laptops

February 7th, 2012 by Agent Smith (0) Data Encryption,Data Theft & Loss,security breach

Stolen hardware, and particularly laptops, is still a very common cause for data breaches, especially when it comes to hospitals and other healthcare companies. Three recent incidents have all involved patient details being exposed to identity theft, fraud and other risks, after being taken together with laptops held in medical offices.

While in some cases the stolen portable computers happened to be password protected, none of them had been encrypted to better prevent access to stolen private records. Read more

Stolen Flash Drive Exposes Data of 1,200 University of Miami Patients

February 2nd, 2012 by Agent Smith (0) Data Theft & Loss,security breach

A security breach exposing the data of over 1,200 patients has recently been disclosed by the University of Miami. The Miller School of Medicine patient data was stolen back in November 2011, together with a flash drive, when someone broke into a pathologist’s car and took the briefcase where the portable device was stored.

The flash drive contained details such as age, sex, diagnosis and treatment information for patients treated from 2005 to 2011, the University of Miami disclosed in a press release. No financial information or Social Security numbers had been stored on the drive, according to the same press release. Read more