Companies are warned to protect their corporate information against two new serious threats. Podslurping and Bluesnarfing are threats that use a removable media device such as PDA or Bluetooth-enabled device to steal confidential information from the corporate network.
Podslurping and Bluesnarfing utilize the plug and play functionality in Windows to download from the corporate network large volume of files without any suspicion from the business staff.
“iPods, PDAs and notebook PC’s are now such a common sight in offices that we rarely give them a second glance,” says Matt Fisher, head of DeviceWall marketing. “Yet a firewire-connected media player can easily download over 6GB of files from a corporate PC in less than two minutes. There have been many high profile data thefts recently, such as the Indian call centre case where a worker sold thousands of UK bank customer records for less than Ј3 a shot.”
Podslurping is where portable storage device is used to download large quantities of data from a computer on the corporate network, while Bluesnarfing involves one Bluetooth-enabled device being looked for and connect to another, without the device’s owner ever knowing.
“Combating these threats is raising rapidly to the top of CIOs’ ‘To Do’ lists. Controlling access to corporate data over wired and wireless connections is essential to minimize the risks associated with not maintaining a clear boundary between the corporate network and personally-owned multi media devices,” said Fisher.
Although organizations were warned about the risk associated with remove media, most organization did not take the correct steps to protect themselves and prefer to focus on external threats rather than internal.