WOULD your company know if the blueprints for its next invention had been stolen by an office interloper, who had quietly copied them onto a memory stick or an iPod?Probably not. But now a telltale "USB fingerprint" has been discovered that can identify which files have been targeted in so-called pod-slurping attacks.
Data theft via USB ports is rife, says Alexandra Brodie, an intellectual property lawyer with Wragge & Co in London. "We are encountering increasing volumes of IP theft committed this way, with companies losing their trade secrets and accumulated know-how," she says.
Pod slurpers might simply steal an individual document by copying it onto a USB stick. Hackers can also copy vast numbers of documents using document-scavenging tools such as USB Switchblade.
This too springs to life when a memory stick is plugged into a PC running some versions of Windows, including XP. It then automatically copies the contents of the My Documents folder and no one is any the wiser. Now there is a way to spot such data theft.
Vasilios Katos and Theodoros Kavallaris at the Democritus University of Thrace in Komotini, Greece, have been testing every make and model of USB stick and iPod/iPhone.
They have discovered that each one has a distinctive transfer rate when copying data from a PC's hard drive (Computers and Security, DOI: 10.1016/j.cose.2010.01.002).
This is due to the differences in the microcircuitry and components that go into making each type of device.
They are able to find out if files have been copied by consulting the Windows registry, which records the make and model of every USB device plugged into that computer with a time stamp.
The pair then check all document folders for any files that were accessed shortly after the USB device was plugged in - the computer registry counts copying as file access.
Posts
No comments:
Post a Comment