Second Hand Hard Drive with Missile Defense Data
Buying second-hand PCs can be quite an adventure, especially if they contain sensitive information that could blow one’s mind, as happened to a group of researchers from the University of Glamorgan in Scotland. According to a DarkReading article, the researchers found that their used hard drives contained details of test-launch procedures for a U.S. defense missile.
The researchers have included these findings in the results of a five-year study that aimed to show the dangers of poor hard drive and device data-wiping and disposal practices. According to this year’s results, which are not yet final, the research also led them to sensitive data from Ford Motor, Laura Ashley, and other businesses.
This year, the researchers found personal or sensitive data on 34 percent of 300 hard disks bought randomly at computer fairs and online auctions in the U.K., U.S., Germany, France, and Australia. The information was enough to expose individuals and firms to fraud and identity theft, they said.
So if someone entertained the idea of starting a fraud- or theft-based scam, all they would need to do is start buying used computer parts. It’s easy and far less dangerous than actually attempting to steal the data directly from the businesses currently using them.
1 TB of data on the Clinton Administration gone missing
The US National Archives have lost a hard drive containing no less than 1 terabyte (TB) of classified information from the Bill Clinton administration. The misplaced sensitive data also contained, according to the Register, personal information of White House staff and visitors. The drive was stored in an unsecured area of the National Archives, where hundreds of people, including authorized personnel, janitors, visitors, and employees passing through could have accessed it.
The lost critical data also included logs of events, social gatherings, and political records, as well as the social security number of a daughter of former Vice President Al Gore. A representative of the former Clinton administration has been notified, and affected former White House staff will also be informed of the breach.
The theft is estimated to have taken place sometime between October 2008 and March 2009. Added to the large number of individuals with potential access to the drive, this is going to be one long investigation!
Verizon: Application log monitoring helps prevent data breaches. Really?
“Given the nature of data breaches today, organizations are better off saving money and doing ‘lightweight’ security testing across more of their infrastructure than conducting deep assessments across a few systems,” Peter Tippett, vice president of innovation and technology for Verizon Business, stated at the CSI/SX held in Las Vegas, according to a DarkReading quote.
Tippett thinks application logs are more effective than the logs of signature-based devices and firewalls. He’s probably right, but only for the scenarios he has chosen: data theft caused by outside attacks, most frequently using stolen but valid passwords and attacking idle, old and forgotten machines.
While Tippett’s method might just prove effective for those using Verizon software and fearing outside attacks, what happens to unencrypted and stolen or lost hardware? What about insiders who can copy/paste an entire database onto a thumb drive? Yes, ongoing attacks or failed attempts can be discovered. But that gets businesses nowhere near a comprehensive and effective data loss prevention solution!
DoD can’t handle inside threats
The Department of Defense seems to have quite some trouble handling threats in its own backyard. One of its officials with top-secret security clearance, as it happens, has allegedly been leaking classified department data and documents to an official working for the Chinese government.
According to a Department of Justice announcement quoted by Dark Reading, James Wilbur Fondren Jr., deputy director for the U.S. Pacific Command (PACOM) Washington Liaison Office, has been charged with espionage conspiracy for providing classified information to an agent of a foreign government. Fondren is believed to have sold information to a Taiwanese-American man. The information was subsequently sold to a Chinese government official, but apparently Fondren was unaware of this second sale.
How was the leak possible? Poor security: Fondren had both a classified DoD computer and an unclassified one on his desk. One would expect a little less trust in high level clearance staff. It’s espionage we’re talking about!
Fondren, 62, allegedly funneled the data to Tai Shen Kuo, who was one of his consulting clients, between November 2004 and Feb. 11, 2008, according to the affidavit. Kuo purchased reports from Fondren for anywhere between $350 and $800, eight of which included classified information. Among the classified data Fondren supplied to Kuo was information about a joint U.S.-China naval exercise, U.S.-China military meetings, and a DoD draft report on China.
In turn, Kuo got around 50,000 US dollars for certain documents he obtained from Fondren and other DoD officials. I wonder who the other officials are. Will they be charged soon?
Dark Side of Google: Payment card details of 19,000 Brits found in cache
Google’s web cache was recently caught red-handed, when payment card details of 19,000 UK-based persons were discovered to be hosted by the world’s first and largest search engine. The stored data also included names, addresses, card numbers and expiry dates for British Visa, MasterCard and American Express cardholders. All anyone needed to do to discover the data was run the right search query.
The Register reported more on how the data got into Google’s cache:
The data was originally posted to a website server located in Vietnam, presumably in error by data thieves who wanted to sell it to other scammers. Even after the site was shuttered in February, the information continued to live on in Google’s web history cache until company employees finally purged it.
Luckily for some of those affected, many of the cards posted online had already been canceled, according to bank industry sources quoted by the Register. What about the others? Will they at least be notified?
CoSoSys uses humor to teach about security threats
As you’ve probably seen on this blog, there is news about security breaches, people who’ve been affected by identity theft and fraud, and billions of dollars in losses every single day. Even more per day in really bad cases. Although there’s a ton of information out there, individuals and companies still fail at protecting themselves against such breaches and at keeping their private data safe.
CoSoSys, leading developer of endpoint security and data loss prevention solutions, has chosen a different approach to raise awareness about the risks we face every day: humor, namely a series of comic strips showing what can really happen. As CNET puts it, they put the fun back in security threats.
The first comic, originally published on CoSoSys’ EndpointProtector.com site, shows how easy it is for an employee to copy your entire database and take it to your main competitor. A simple thumb drive, three minutes left alone in the office, and that’s it!

But fun and laughter are not the only goals of the strip: each issue also helps you find out what to do and how to do it. Designed to promote the company’s most popular DLP, endpoint security and device management solution, Endpoint Protector, each issue will show how everything can be prevented.
“Recent research performed in both the US and the UK shows a troubling trend: data breaches are rising in numbers and in costs as well. Millions of people have their data exposed to identity theft or fraud each year and few of those affected or those responsible for the incidents know that most of these instances could easily be prevented. Making sure that your private records and all endpoints in your network are secured is not a difficult task. That is why we are committed to putting our best efforts into raising awareness and educating the public about staying safe without making any lifestyle compromises”, explained Roman Foeckl, CoSoSys CEO.
The next issues of the strip will be published each Thursday for the next 7 weeks. You can see them here or register to get them by email. Easier, if you ask me, as remembering to visit a link every week is not something I usually do.
Romanian Petty officer stole military secrets on a USB stick
I don’t know what’s wrong with the military around the world, but the armies and the defense systems seem to be the most vulnerable to the feeblest attempts to breach security. Word’s out on a petty officer of the Romanian Ministry of Defense who used a USB stick to steal classified information, including radar frequency and standard NATO maps, between 2001 and 2006.
At least that’s what he’s been arrested for! He also confessed to more data thefts occurring in 2008 and 2009. He transferred the data to a Bulgarian liaison who then sold them to foreign government representatives, including a Ukrainian. How much was the information worth? 800-1000 American dollars for each “shipment”.
One word for you: audit! How about having an endpoint security solution that monitors data transfers and records them, and also blocks unauthorized devices? It doesn’t cost much, I am sure the Ministry of Defense can afford it!
[links to the story are from Romanian papers at this time. Once we get English coverage for them, we'll update this entry]
FAA Data Breach Exposes Records of 45,000
A recent breach reported by the Federal Aviation Administration has exposed the private data of about 45,000 employees, as a result of a hack in one of the FAA computer systems. The FAA has released a warning notice, quoted in Dark Reading, stating that employee personal identity information was stolen during the illegal access. Those affected by this security breach will also receive individual letters, letting them know their data has been stolen and is probably being used in fraud or identity theft attempts.
“Two of the 48 files on the breached computer server contained personal information about more than 45,000 FAA employees and retirees who were on the FAA’s rolls as of the first week of February 2006,” states the notice. “The server that was accessed was not connected to the operation of the air traffic control system or any other FAA operational system, and the FAA has no indication those systems have been compromised in any way.”
The FAA also stated it has learned its lesson and taken the necessary steps to prevent future incidents of the sort. They are also taking long-term measures to protect personal information. As for those who have been affected by this very real breach, there’s a toll-free number and some details on the employee site.
TJX finds closure for breach in big time sale
We’ve all come to refer to the TJX data breach as the largest one in history, with an estimated 45.7 million credit card accounts exposed through a breach in the discount retailer’s wireless network. Some even place the number of affected accounts in the vicinity of 94 million. Whichever the real number is, it is huge and scary, and as it happened over a significant period of time, it got plenty of coverage.
In the recovery process, they had to pay 40.9 million dollars to settle a lawsuit, but according to the Register TJX had created a 118 million fund to pay for breach-related damages in August 2007. 11 people were charged in connection with the data theft and some trials are still ongoing. The retailer has made an attempt to close this dark chapter for good by offering one-day 15 percent discounts in all its US and Canadian stores, as a token of their appreciation for the customers “for retaining their loyalty after it did such a bad job of retaining their records”.
Nice strategy to reward customers, build trust and boost sales at the same time! But I believe they need to implement all the cutting edge security toys in the market and make every new added layer of protection public to ease the minds of those affected.
NetBooks and the surprises they come with
Portable storage device applications and endpoint security solution provider CoSoSys has just raised a red flag regarding netbooks. As they explain, although a trendy gift and an excellent PC replacement for all offices, netbooks embed serious threats to corporate and individual security. While their seamless connectivity and increasingly large solid state disk (SSD) or traditional HDD capacities can help every one of us increase productivity while considerably decreasing the weight we carry around, they are also the perfect means for both intentional and unintentional data breaches.
“Corporate IT departments need to consider Netbooks as a serious issue when it comes to Endpoint Security and they are advised to take control over them as they enter their networks rather than waiting for the first data breaches to happen. Enforcing Endpoint Security policies with Endpoint Protector allows IT administrators to fully control all ports and data transfers from endpoints, including Netbooks, to any other portable device such as USB Flash Drives or External HDDs to prevent data loss,” said Roman Foeckl, CoSoSys CEO.
While the CD or DVD drive is no longer a threat, netbooks come with almost immediate access to any data through wireless networks, USB Ports, SD Card readers and other ports, making it extremely easy for confidential details to be transferred in and out of unsecured networks. And if you run a search through our blog to see how many laptops have been lost, stolen and misplaced in the past, we have to also wonder about how much easier it is to steal or lose a much smaller version.
So take this warning seriously and stay trendy and safe at the same time!



