Data theft
   HOME

TheInfoList



OR:

Data theft is a growing phenomenon primarily caused by
system administrators A system administrator, or sysadmin, or admin is a person who is responsible for the upkeep, configuration, and reliable operation of computer systems, especially multi-user computers, such as servers. The system administrator seeks to en ...
and office workers with access to technology such as
database servers A database server is a server which uses a database application that provides database services to other computer programs or to computers, as defined by the client–server model. Database management systems (DBMSs) frequently provide database- ...
, desktop computers and a growing list of hand-held devices capable of storing digital information, such as
USB flash drive Universal Serial Bus (USB) is an industry standard that establishes specifications for cables, connectors and protocols for connection, communication and power supply ( interfacing) between computers, peripherals and other computers. A bro ...
s, iPods and even
digital camera A digital camera is a camera that captures photographs in digital memory. Most cameras produced today are digital, largely replacing those that capture images on photographic film. Digital cameras are now widely incorporated into mobile devices ...
s. Since employees often spend a considerable amount of time developing contacts,
confidential Confidentiality involves a set of rules or a promise usually executed through confidentiality agreements that limits the access or places restrictions on certain types of information. Legal confidentiality By law, lawyers are often required ...
, and
copyright A copyright is a type of intellectual property that gives its owner the exclusive right to copy, distribute, adapt, display, and perform a creative work, usually for a limited time. The creative work may be in a literary, artistic, educatio ...
ed information for the company they work for, they may feel they have some right to the information and are inclined to copy and/or delete part of it when they leave the company, or misuse it while they are still in employment. Information can be sold and bought and then used by criminals and criminal organizations. Alternatively, an employee may choose to deliberately abuse trusted access to information for the purpose of exposing
misconduct Misconduct is wrongful, improper, or unlawful conduct motivated by premeditated or intentional purpose or by obstinate indifference to the consequences of one's acts. It is an act which is forbidden or a failure to do that which is required. Misc ...
by the employer. From the perspective of the society, such an act of
whistleblowing A whistleblower (also written as whistle-blower or whistle blower) is a person, often an employee, who reveals information about activity within a private or public organization that is deemed illegal, immoral, illicit, unsafe or fraudulent. Whi ...
can be seen as positive and is protected by law in certain situations in some jurisdictions, such as the
USA The United States of America (U.S.A. or USA), commonly known as the United States (U.S. or US) or America, is a country primarily located in North America. It consists of 50 states, a federal district, five major unincorporated territori ...
. A common scenario is where a sales person makes a copy of the contact
database In computing, a database is an organized collection of data stored and accessed electronically. Small databases can be stored on a file system, while large databases are hosted on computer clusters or cloud storage. The design of databases s ...
for use in their next job. Typically, this is a clear violation of their terms of employment. Notable acts of data theft include those by leaker
Chelsea Manning Chelsea Elizabeth Manning (born Bradley Edward Manning; December 17, 1987) is an American activist and whistleblower. She is a former United States Army soldier who was convicted by court-martial in July 2013 of violations of the Espionage A ...
and self-proclaimed whistleblowers Edward Snowden and
Hervé Falciani Hervé Daniel Marcel Falciani (; born 9 January 1972) is a French-Italian systems engineer and whistleblower who is credited with "the biggest banking leak in history." In 2008, Falciani began collaborating with numerous European nations by pro ...
.


Data theft methods


Thumbsucking

Thumbsucking, similar to podslurping, is the intentional or undeliberate use of a portable
USB mass storage device The USB mass storage device class (also known as USB MSC or UMS) is a set of computing communications protocols, specifically a USB Device Class, defined by the USB Implementers Forum that makes a USB device accessible to a host computing device ...
, such as a
USB flash drive Universal Serial Bus (USB) is an industry standard that establishes specifications for cables, connectors and protocols for connection, communication and power supply ( interfacing) between computers, peripherals and other computers. A bro ...
(or "thumbdrive"), to illicitly download confidential data from a network endpoint. A USB flash drive was allegedly used to remove without authorization highly classified documents about the design of U.S. nuclear weapons from a vault at Los Alamos. The threat of thumbsucking has been amplified for a number of reasons, including the following: *The storage capacity of portable USB storage devices has increased. *The cost of high-capacity portable USB storage devices has decreased. *Networks have grown more dispersed, the number of remote network access points has increased and methods of network connection have expanded, increasing the number of vectors for network infiltration.


Data Leakage

Data leak is part of insider attack that accidental or unintentional data loss because of specific circuit stances.


Investigating data theft

Techniques to investigate data theft include
stochastic forensics Stochastic forensics is a method to forensically reconstruct digital activity lacking artifacts, by analyzing emergent properties resulting from the stochastic nature of modern computers.Grier, Jonathan (2011)"Detecting data theft using stochasti ...
,
digital artifact Digital artifact in information science, is any undesired or unintended alteration in data introduced in a digital process by an involved technique and/or technology. Digital artifact can be of any content types including text, audio, video, ...
analysis (especially of USB drive artifacts), and other computer forensics techniques.


See also

*
Pod slurping Pod slurping is the act of using a portable data storage device such as an iPod digital audio player to illicitly download large quantities of confidential data by directly plugging it into a computer where the data are held, and which may be on th ...
*
Bluesnarfing Bluesnarfing is the unauthorized access of information from a wireless device through a Bluetooth connection, often between phones, desktops, laptops, and PDAs (personal digital assistant). This allows access to calendars, contact lists, emails ...
*
Sneakernet Sneakernet, also called sneaker net, is an informal term for the transfer of electronic information by physically moving media such as magnetic tape, floppy disks, optical discs, USB flash drives or external hard drives between computers, rather ...
* Data breach


References


External links


USBs' Giant Sucking SoundOnline Behaviours that can Lead to Data Theft
{{DEFAULTSORT:Data Theft Data security Theft Data laws