February 17th, 2006
Pod-Slurping: New Security Headache?
By Michael Santo
Contributing Writer, RealTechNews
It’s new terminology, at least. Although the first thing that came to mind when I saw the term was the movie “Invasion of the Body Snatchers“. A U.S. security expert has created an application that can fill an iPod with business-critical data in a matter of minutes. The idea isn’t to promote theft, but to give companies a wake-up call.
Abe Usher, a 10-year veteran of the security industry, created an application that runs on an iPod and can search corporate networks for files likely to contain business-critical data. At a rate of about 100MB every couple minutes, it can scan and download the files onto the portable storage units in a process dubbed “pod slurping.”
To the naked eye, somebody doing this would look like any other employee listening to their iPod at their desk. Alternatively, the person stealing data need not even have access to a keyboard but can simply plug into a USB port on any active machine.
“The cost of being proactive is less than the cost of reacting to an incident,” Usher said. Source: News.com
We Say: This threat’s been around a while, but it’s not one that’s really been noticed by companies. I carry a small 20GB USB hard drive around with me. It’s about 3″ x 3″ x .4″. It’s not for theft; it’s for taking work back and forth easily. Obviously it’s just a drive and can’t run a program by itself. But items like it and the iPod, particularly as large amounts of storage in small devices becomes more and more prevalent, really should have companies alarmed … and they don’t seem to be yet.
Tom says:
Modern companies are already aware that if you have physical access to the network that you can steal most of the sensitive data on it. In fact, no form of security is stopping me from walking into the office of a manager 4 levels up the chain from me five minutes after he goes home, escorting his bare drive to my office, performing a quick clone, and escorting it back. Their position is usually a mix of trust and hoping that you weren’t aware of the capability.
February 17th, 2006 at 4:40 am
Rob says:
While network security is always something to be concerned about, there seems to be an unnecessary bit of alarmism surrounding iPods and the like.
My computer at work has a DVD burner. I could gank files off the network and burn them to a DVD (or two, or three…) and nobody would think twice.
I could encrypt a .zip file containing sensitive information and email it to whoever I wanted.
I could take screenshots of documents.
It goes on. Fact is, anyone who has physical access to a network is 90% of the way to getting whatever they want. Good luck, Mr. SysAdmin!
February 17th, 2006 at 5:02 am
Sarah says:
GFI has recently released a new whitepaper which discusses the problem with uncontrolled use of iPods, USB sticks and flash drives on companies’ networks. It is entitled “Pod slurping: an easy technique of stealing data”, accesss to this whitepaper is free, and furthermore requires no registration. The whitepaper is found at http://www.gfi.com/whitepapers/pod-slurping-an-easy-technique-for-stealing-data.pdf
September 25th, 2006 at 4:36 am
Bette says:
To continue on this topic, readers might be interested to tryout a new online scanner which lets you know, for free, what portable storage devices are and have been hooked to the PCs on your networks, and also by whom. This will give you an indication of where your company stands in being at ‘risk’ from endpoint security threats. You can check it out at http://www.endpointscan.com/
May 15th, 2007 at 1:41 am