|
Data Theft
Data theft is the unauthorized duplication or deletion of an organization's electronic information. Data theft is a growing phenomenon primarily caused by system administrators and office workers with access to technology such as database servers, desktop computers and a growing list of hand-held devices capable of storing digital information, such as USB flash drives, iPods and even digital cameras. Since employees often spend a considerable amount of time developing contacts, confidential, and copyrighted information for the company they work for, they may feel they have some right to the information and are inclined to copy or delete part of it when they leave the company, or misuse it while they are still in employment. Information can be sold and bought and then used by criminals and criminal organizations. Alternatively, an employee may choose to deliberately abuse trusted access to information for the purpose of exposing misconduct by the employer. From the perspective of ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Stochastic Forensics
Stochastic forensics is a method to forensically reconstruct digital activity lacking artifacts, by analyzing emergent properties resulting from the stochastic nature of modern computers.Grier, Jonathan (2011)"Detecting data theft using stochastic forensics" ''Journal of Digital Investigation''. 8(Supplement), S71-S77.Schwartz, Mathew J. (December 13, 2011"How Digital Forensics Detects Insider Theft" ''Information Week''.Chickowski, Ericka (June 26, 2012).Dark Reading Unlike traditional computer forensics, which relies on digital artifacts, stochastic forensics does not require artifacts and can therefore recreate activity which would otherwise be invisible. Its chief application is the investigation of insider data theft."Insider Threat Spotlight" (August 2012). '' |
System Administrators
An IT administrator, system administrator, sysadmin, or admin is a person who is responsible for the upkeep, configuration, and reliable operation of computer systems, especially multi-user computers, such as servers. The system administrator seeks to ensure that the uptime, performance, resources, and security of the computers they manage meet the needs of the users, without exceeding a set budget when doing so. To meet these needs, a system administrator may acquire, install, or upgrade computer components and software; provide routine automation; maintain security policies; troubleshoot; train or supervise staff; or offer technical support for projects. Related fields Many organizations staff offer jobs related to system administration. In a larger company, these may all be separate positions within a computer support or Information Services (IS) department. In a smaller group they may be shared by a few sysadmins, or even a single person. * A database administrato ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Edward Snowden
Edward Joseph Snowden (born June 21, 1983) is a former National Security Agency (NSA) intelligence contractor and whistleblower who leaked classified documents revealing the existence of global surveillance programs. Born in 1983 in Elizabeth City, North Carolina, he attended a community college and later enrolled at a masters programme of the University of Liverpool without finishing it. In 2005 he worked for the University of Maryland, in 2006 he started working for the Central Intelligence Agency (CIA) and then switched to Dell in 2009 where he was managing computer systems of the NSA. In 2013, he worked two months at Booz Allen Hamilton with the purpose of gathering more NSA documents. In May 2013, Snowden flew to Hong Kong and in early June he revealed thousands of classified NSA documents to journalists Glenn Greenwald, Laura Poitras, Barton Gellman, and Ewen MacAskill. Global surveillance disclosures (2013–present), His disclosures revealed numerous global surveillance ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Data Security
Data security or data protection means protecting digital data, such as those in a database, from destructive forces and from the unwanted actions of unauthorized users, such as a cyberattack or a data breach. Technologies Disk encryption Disk encryption refers to encryption technology that encrypts data on a hard disk drive. Disk encryption typically takes form in either software (see disk encryption software) or hardware (see disk encryption hardware). Disk encryption is often referred to as on-the-fly encryption (OTFE) or transparent encryption. Software versus hardware-based mechanisms for protecting data Software-based security solutions encrypt the data to protect it from theft. However, a malicious program or a hacker could corrupt the data to make it unrecoverable, making the system unusable. Hardware-based security solutions prevent read and write access to data, which provides very strong protection against tampering and unauthorized access. Hardware- ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Data Breach
A data breach, also known as data leakage, is "the unauthorized exposure, disclosure, or loss of personal information". Attackers have a variety of motives, from financial gain to political activism, political repression, and espionage. There are several technical root causes of data breaches, including accidental or intentional disclosure of information by insiders, loss or theft of unencrypted devices, hacking into a system by exploiting software vulnerabilities, and social engineering attacks such as phishing where insiders are tricked into disclosing information. Although prevention efforts by the company holding the data can reduce the risk of data breach, it cannot bring it to zero. The first reported breach was in 2002 and the number occurring each year has grown since then. A large number of data breaches are never detected. If a breach is made known to the company holding the data, post-breach efforts commonly include containing the breach, investigating its scope ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Sneakernet
Sneakernet, also called sneaker net, is an informal term for the transfer of electronic information by physically moving media such as magnetic tape, floppy disks, optical discs, USB flash drives or external hard drives between computers, rather than transmitting it over a computer network. Sneakernets enable data transfer through physical means and offer a solution in the presence of network connections that lack reliability; however, a consequence of this physical transfer is high latency. The term, a tongue-in-cheek play on ''net(work)'' as in ''Internet'' or ''Ethernet'', refers to walking around in sneakers inside an office as the transport mechanism. Summary and background Sneakernets are in use throughout the computer universe. A sneakernet may be used when computer networks are prohibitively expensive for the owner to maintain; in high-security environments where manual inspection (for re-classification of information) is necessary; where information needs to be share ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Bluesnarfing
Bluesnarfing is the unauthorized access of information from a wireless device through a Bluetooth connection, often between phones, desktops, laptops, and PDAs (personal digital assistant). This allows access to calendars, contact lists, emails and text messages, and on some phones, users can copy pictures and private videos. Both Bluesnarfing and Bluejacking exploit others' Bluetooth connections without their knowledge. While Bluejacking is essentially harmless as it only transmits data to the target device, Bluesnarfing is the theft of information from the target device. For a Bluesnarfing attack to succeed, the attacker generally needs to be within a maximum range of 10 meters from the target device. In some cases, though, attackers can initiate a Bluesnarfing attack from a greater distance. Description Bluesnarfing exploits vulnerabilities in the OBject EXchange protocol used for Bluetooth device communication, involving hackers who use tools like Bluediving to detect su ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Pod Slurping
Pod slurping is the act of using a portable data storage device such as an iPod digital audio player to illicitly download large quantities of confidential data by directly plugging it into a computer where the data are held, and which may be on the inside of a firewall. The phrase "pod slurping" was introduced by Abe Usher. It pertains to a malicious program embedded in a USB storage device, which activates automatically upon being connected to a host. There has been some work in the development of fixes to the problem, including a number of third-party security products that allow companies to set security policies related to USB device use, and features within operating systems that allow IT administrators or users to disable the USB port altogether. Unix-based or Unix-like systems can easily prevent users from mounting storage devices, and Microsoft has released instructions for preventing users from installing USB mass storage devices on its operating systems. Additional m ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Computer Forensics
Computer forensics (also known as computer forensic science) is a branch of digital forensics, digital forensic science pertaining to evidence found in computers and digital storage media. The goal of computer forensics is to examine digital media in a forensically sound manner with the aim of identifying, preserving, recovering, analyzing, and presenting facts and opinions about the digital information. Although it is most often associated with the investigation of a wide variety of computer crime, computer forensics may also be used in civil proceedings. The discipline involves similar techniques and principles to data recovery, but with additional guidelines and practices designed to create a legal audit trail. Evidence from computer forensics investigations is usually subjected to the same guidelines and practices as other digital evidence. It has been used in a number of high-profile cases and is accepted as reliable within U.S. and European court systems. Overview In the ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Digital Artifact
Digital artifact in information science, is any undesired or unintended alteration in data introduced in a digital process by an involved technique and/or technology. Digital artifact can be of any content types including text, audio, video, image, animation or a combination. Information science In information science, digital artifacts result from: *Hardware malfunction: In computer graphics, visual artifacts may be generated whenever a hardware component such as the processor, memory chip, cabling malfunctions, etc., corrupts data. Examples of malfunctions include physical damage, overheating, insufficient voltage and GPU overclocking. Common types of hardware artifacts are texture corruption and T-vertices in 3D graphics, and pixelization in MPEG compressed video. *Software malfunction: Artifacts may be caused by algorithm flaws such as decoding/encoding audio or video, or a poor pseudo-random number generator that would introduce artifacts distinguishable from the d ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
USB Mass Storage Device Class
The USB mass storage device class (also known as USB MSC or UMS) is a set of computing communications protocols, specifically a USB#Device_classes, USB Device Class, defined by the USB Implementers Forum that makes a USB device accessible to a host computing device and enables file transfers between the host and the USB device. To a host, the USB device acts as an external hard drive; the protocol sets interfaces with a number of storage devices. Uses Devices connected to computers via this standard include: * External magnetic hard drives * External optical drives, including CD and DVD reader and writer drives * USB flash drives * Solid-state drives * Adapters between standard flash memory cards and USB connections * Digital cameras * Portable media players * Card readers * Personal digital assistant, PDAs * Mobile phones Devices supporting this standard are known as MSC (Mass Storage Class) devices. While MSC is the original abbreviation, UMS (Universal Mass Storage) has a ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Hervé Falciani
Hervé Daniel Marcel Falciani (; born 9 January 1972) is a French-Italian systems engineer and whistleblower who is credited with "the biggest banking leak in history." In 2008, Falciani began collaborating with numerous European nations by providing allegedly illegal data theft, stolen information relating to more than 130,000 suspected tax evaders with Swiss bank accounts specifically those with accounts in HSBC's Swiss subsidiary HSBC Private Bank. Falciani created the "Lagarde list", a list of HSBC clients who allegedly used the bank to evade taxes and launder money. Falciani leaked the list to ex-French Finance Minister Christine Lagarde (currently the President of the European Central Bank). Lagarde, in turn, sent the list to governments whose citizens were on the list. On 11 December 2014, Falciani was indicted in absentia by the Swiss federal government for violating the country's Banking in Switzerland#Banking secrecy, bank secrecy laws and for industrial espionage. The ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
