Data theft

Last updated February 27, 2024

Data theft is the unauthorized duplication or deletion of an organization's electronic information, by employees with access to it.

Data theft is a growing phenomenon primarily caused by system administrators and office workers with access to technology such as database servers, desktop computers and a growing list of hand-held devices capable of storing digital information, such as USB flash drives, iPods and even digital cameras.^[1] Since employees often spend a considerable amount of time developing contacts, confidential, and copyrighted information for the company they work for, they may feel they have some right to the information and are inclined to copy or delete part of it when they leave the company, or misuse it while they are still in employment. Information can be sold and bought and then used by criminals and criminal organizations.^[2] Alternatively, an employee may choose to deliberately abuse trusted access to information for the purpose of exposing misconduct by the employer. From the perspective of the society, such an act of whistleblowing can be seen as positive^[3] and is protected by law in certain situations in some jurisdictions, such as the United States.

A common scenario is where a sales person makes a copy of the contact database for use in their next job. Typically, this is a clear violation of their terms of employment.

Notable acts of data theft include those by leaker Chelsea Manning and self-proclaimed whistleblowers Edward Snowden and Hervé Falciani.

Data theft methods

Thumbsucking

Thumbsucking, similar to podslurping, is the intentional use of a portable USB mass storage device, such as a USB flash drive (or "thumbdrive"), to illicitly download confidential data from a network endpoint.^[4]

A USB flash drive was allegedly used to remove without authorization highly classified documents about the design of U.S. nuclear weapons from a vault at Los Alamos.^[5]

The threat of thumbsucking has been amplified for a number of reasons, including the following:

The storage capacity of portable USB storage devices has increased.
The cost of high-capacity portable USB storage devices has decreased.
Networks have grown more dispersed, the number of remote network access points has increased and methods of network connection have expanded, increasing the number of vectors for network infiltration.

Investigating data theft

Techniques to investigate data theft include stochastic forensics, digital artifact analysis (especially of USB drive artifacts), and other computer forensics techniques.

Related Research Articles

Computer security, cybersecurity, digital security or information technology security is the protection of computer systems and networks from attacks by malicious actors that may result in unauthorized information disclosure, theft of, or damage to hardware, software, or data, as well as from the disruption or misdirection of the services they provide.

In computing, a removable media is a data storage media that is designed to be readily inserted and removed from a system. Most early removable media, such as floppy disks and optical discs, require a dedicated read/write device to be installed in the computer, while others, such as USB flash drives, are plug-and-play with all the hardware required to read them built into the device, so only need a driver software to be installed in order to communicate with the device. Some removable media readers/drives are integrated into the computer case, while others are standalone devices that need to be additionally installed or connected.

<span class="mw-page-title-main">USB flash drive</span> Data storage device

A Flash drive is a data storage device that includes flash memory with an integrated USB interface. A typical USB drive is removable, rewritable, and smaller than an optical disc, and usually weighs less than 30 g (1 oz). Since first offered for sale in late 2000, the storage capacities of USB drives range from 8 to 256 gigabytes (GB), 512 GB and 1 terabyte (TB). As of 2023, 2 TB flash drives were the largest currently in production. Some allow up to 100,000 write/erase cycles, depending on the exact type of memory chip used, and are thought to physically last between 10 and 100 years under normal circumstances.

Computer forensics is a branch of digital forensic science pertaining to evidence found in computers and digital storage media. The goal of computer forensics is to examine digital media in a forensically sound manner with the aim of identifying, preserving, recovering, analyzing and presenting facts and opinions about the digital information.

A disk enclosure is a specialized casing designed to hold and power hard disk drives or solid state drives while providing a mechanism to allow them to communicate to one or more separate computers.

<span class="mw-page-title-main">USB mass storage device class</span> USB device class for drives

The USB mass storage device class is a set of computing communications protocols, specifically a USB Device Class, defined by the USB Implementers Forum that makes a USB device accessible to a host computing device and enables file transfers between the host and the USB device. To a host, the USB device acts as an external hard drive; the protocol set interfaces with a number of storage devices.

A portable media player (PMP) or digital audio player (DAP) is a portable consumer electronics device capable of storing and playing digital media such as audio, images, and video files. The data is typically stored on a compact disc (CD), Digital Versatile Disc (DVD), Blu-ray Disc (BD), flash memory, microdrive, SD cards or hard drive; most earlier PMPs used physical media, but modern players mostly use flash memory. In contrast, analogue portable audio players play music from non-digital media that use analogue media, such as cassette tapes or vinyl records.

In computing, external storage refers to non-volatile (secondary) data storage outside a computer's own internal hardware, and thus can be readily disconnected and accessed elsewhere. Such storage devices may refer to removable media, compact flash drives, portable storage devices, or network-attached storage. Web-based cloud storage is the latest technology for external storage.

Pod slurping is the act of using a portable data storage device such as an iPod digital audio player to illicitly download large quantities of confidential data by directly plugging it into a computer where the data are held, and which may be on the inside of a firewall.

<span class="mw-page-title-main">Portable storage device</span>

A portable storage device (PSD) is a compact plug-and-play mass storage device designed to hold a large volume of digital data of any kind. This is slightly different from a portable media player, which is designed to only store music and video files that its internal reader softwares can play.

Physical information security is the intersection, the common ground between physical security and information security. It primarily concerns the protection of tangible information-related assets such as computer systems and storage media against physical, real-world threats such as unauthorized physical access, theft, fire and flood. It typically involves physical controls such as protective barriers and locks, uninterruptible power supplies, and shredders. Information security controls in the physical domain complement those in the logical domain, and procedural or administrative controls.

A datacard is an electronic card for data operations.

Data erasure is a software-based method of data sanitization that aims to completely destroy all electronic data residing on a hard disk drive or other digital media by overwriting data onto all sectors of the device in an irreversible process. By overwriting the data on the storage device, the data is rendered irrecoverable.

Secure USB flash drives protect the data stored on them from access by unauthorized users. USB flash drive products have been on the market since 2000, and their use is increasing exponentially. As both consumers and businesses have increased demand for these drives, manufacturers are producing faster devices with greater data storage capacities.

Mobile device forensics is a branch of digital forensics relating to recovery of digital evidence or data from a mobile device under forensically sound conditions. The phrase mobile device usually refers to mobile phones; however, it can also relate to any digital device that has both internal memory and communication ability, including PDA devices, GPS devices and tablet computers.

This glossary of computer hardware terms is a list of definitions of terms and concepts related to computer hardware, i.e. the physical and structural components of computers, architectural issues, and peripheral devices.

In computer security a countermeasure is an action, device, procedure, or technique that reduces a threat, vulnerability, or attack, eliminating or preventing it by minimizing the harm it can cause. It can also include discovering and reporting vunerabilities so that corrective action can be taken.

A dongle is a small piece of computer hardware that connects to a port on another device to provide it with additional functionality, or enable a pass-through to such a device that adds functionality.

Windows To Go is a feature in Windows 8 Enterprise, Windows 8.1 Enterprise, Windows 10 Education and Windows 10 Enterprise versions prior to the May 2020 update, that allows the system to boot and run from certain USB mass storage devices such as USB flash drives and external hard disk drives which have been certified by Microsoft as compatible. It is a fully manageable corporate Windows environment. The development of Windows To Go was discontinued by Microsoft in 2019, and is no longer available in Windows 10 as of the May 2020 update.

Solid-state storage (SSS) is a type of non-volatile computer storage that stores and retrieves digital information using only electronic circuits, without any involvement of moving mechanical parts. This differs fundamentally from the traditional electromechanical storage, which records data using rotating or linearly moving media coated with magnetic material.

References

↑ Ian (2021-11-06). "The Data Theft You Never Hear About". Steadfast Solutions. Retrieved 2022-07-11.
↑ Xing, Liudong; Levitin, Gregory (November 2017). "Balancing theft and corruption threats by data partition in cloud system with independent server protection". Reliability Engineering & System Safety. 167: 248–254. doi:10.1016/j.ress.2017.06.006.
↑ Schneier, Bruce (10 June 2013). "Government Secrets and the Need for Whistle-blowers". Schneier on Security. Retrieved 15 February 2015.
↑ "Do you know who is sucking data from your computer?". Archived from the original on August 19, 2007. Retrieved 15 February 2015.
↑ Zagorin, Adam "A breach in nuclear security." Archived 2008-01-31 at the Wayback Machine Time, April 19, 2007. Retrieved April 21, 2007

External links

This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.

[1] Ian (2021-11-06). "The Data Theft You Never Hear About". Steadfast Solutions. Retrieved 2022-07-11.

[2] Xing, Liudong; Levitin, Gregory (November 2017). "Balancing theft and corruption threats by data partition in cloud system with independent server protection". Reliability Engineering & System Safety. 167: 248–254. doi:10.1016/j.ress.2017.06.006.

[3] Schneier, Bruce (10 June 2013). "Government Secrets and the Need for Whistle-blowers". Schneier on Security. Retrieved 15 February 2015.

[4] "Do you know who is sucking data from your computer?". Archived from the original on August 19, 2007. Retrieved 15 February 2015.

[5] Zagorin, Adam "A breach in nuclear security." Archived 2008-01-31 at the Wayback Machine Time, April 19, 2007. Retrieved April 21, 2007

[1]

[2]

[3]

[4]

[5]