• USB Flash Drive Products
• Shop
• Testimonials
• About Us
• Technical
• FAQs
• Bad News
• Links
• Feedback

Bad News

OK, so you've read the benefits of the SecureStix device and are probably wondering which part of your data you should protect first.

We've put together a list of articles from press around the world regarding the pitfalls of the standard unsecured USB Stick...have a read of this before you purchase, this may help you prioritise what data you want to protect first.

Do you want to become the next “bad news story”?

Bad news story 1.
“Aussie crime fighters put bank customers’ IDs at risk”

Filed under: News, Data Theft — June 26, 2006

Australia’s leading internet crime-fighting agency was left red-faced this week after it emerged that operatives from the Australian High Tech Crime Centre (AHTCC) managed to lose a USB memory stick containing the personal details of 3,500 customers from 18 different banks.

The device was apparently misplaced en route from Sydney to London.

The lost dossier was part of a police investigation into Russian mafia ‘phishing’ scams. A number of suspects in Australia have been arrested, but a string of others were still being hunted by police. No arrests have been made since the memory stick was lost.

According to the AHTCC, the data on the memory stick was not password encrypted or password-protected - and the officer carrying the information was doing so in violation of several policies. There is no news of any disciplinary action against the officer involved.

The loss of the computer files has sparked an as yet unsuccessful search by Australian Federal Police officers of hotels and airports in Sydney, Singapore and London. Worse still, it appears that the affected bank customers were never informed by the AHTCC.

This bungle comes at a time when consumers are increasingly fearful of identity theft.  

Bad news story 2.
“Military intelligence discovered on lost USB stick”

Filed under: News, Data Theft — February 17, 2006

The Dutch military was left red-faced this month after it emerged that USB sticks carrying top secret information were lost on two separate occasions. Just weeks after the military owned up to losing one memory stick, it was confirmed that another flash drive was discovered in rental car previously hired by a captain in the Dutch air force.

Two men found the device and copied the files to a PC. Data discovered on the USB stick included battle plans for Dutch troops and details of reconnaissance missions.

The Dutch government, which admitted a similar breach last year when an intelligence operative left computer disks in a leased car, confirmed recently that the air force captain has been dismissed.

Bad news story 3.
“Cost of data theft soars”

Filed under: News, Data Theft — October 24, 2006

New research released by the Pone mon Institute suggests that the average cost of a single stolen or compromised data record now stands at $182, up from $138 in 2005. Of that total figure, around $128 is indirect cost, such as lost customers, compensation and the price of investigating the incident.

The Institute calculates that an average company suffers around $660,000 per data breach, with total costs of around $4.7 million per year for each of the 56 companies it interviewed.

Bad news story 4.
“U.S. Data Breach Tally Approaches 100 Million: USB flash drive loss setting trend”

Filed under: News, Data Theft — September 26 2006

TechWorld news discusses, alarming numbers released yesterday by the Privacy Rights Clearinghouse (PRC) stating that over 93 million data records of U.S. residents have been exposed due to security breaches since February 2005.

“The latest trend to show up is the loss of memory sticks,” Beth Givens Director of the PRC said, referring to portable USB Latest News about USB drives that are often used to transport data among various computers. “I don’t think it’s anything new that they are being lost or stolen. But they are now being reported, at least, and affected individuals are being notified.”

Bad news story 5.
“Increased mobility needs additional security”

Filed under: Opinion, Data Theft —August 3, 2006

With research from analyst firm Quocirca showing a 300% increase in mobile remote access to business systems in the last year, one has to question whether their security policies and enforcement mechanisms have kept pace with these developments.

While the business benefits for enabling workers to access systems while away from the office are clear, there is also a significant risk that this access could be deliberately or accidentally misused, resulting in costly and embarrassing data leaks for the organization.

The hysteria caused by the VA data loss is perhaps the perfect example of why organizations need to ensure that any data carried away from the network - whether on a laptop or, worse still, a portable storage device like a USB stick - needs to be protected against falling into the wrong hands. While the laptop at least might be password protected, the vast majority of USB sticks, portable hard disks etc feature no such security measures - making them extremely vulnerable to misuse.

As such, organizations need to start treating mobile devices, whether PCs or storage ‘gadgets’, as potential sources of data leaks which need to be proactively managed to ensure that only authorized staff can copy information and that any files transferred to devices are adequately protected against theft.

Bad news story 6.
“USB + Human Curiosity = Security Breach”

Filed under: News, ID theft, IT Skills, Data Theft June 9, 2006

In a recent article on darkreading.com, Steve Stasiukonis VP and founder of Secure Network Technologies Inc. discusses a recent client:

We figured we would try something different by baiting the same employees that were on high alert. We gathered all the worthless vendor giveaway thumb drives collected over the years and imprinted them with our own special piece of software. I had one of my guys write a Trojan that, when run, would collect passwords, logins and machine-specific information from the user’s computer, and then email the findings back to us.

The next hurdle we had was getting the USB drives in the hands of the credit union?s internal users. I made my way to the credit union at about 6 a.m. to make sure no employees saw us. I then proceeded to scatter the drives in the parking lot, smoking areas, and other areas employees frequented.
Once I seeded the USB drives, I decided to grab some coffee and watch the employees show up for work. Surveillance of the facility was worth the time involved. It was really amusing to watch the reaction of the employees who found a USB drive. You know they plugged them into their computers the minute they got to their desks.

Slowly data started appearing in their inbox collected from the systems where the thumb drives were inserted. Human fallibility will always be your greatest endpoint security threat.

Bad news story 7.
“UK firms warned of Arse syndrome Security risk ”

Filed under: News, BCS (British Computer Society) December 22, 2006

UK firms are being warned of the security risk posed by a growing phenomenon called Arse syndrome.
Arse syndrome, or Alcohol Related Security Emergency, is a growing trend in the UK, where employees lose portable devices containing work-related information after drinking a few too many.

Indeed, research from Centennial Software revealed that 53 per cent of UK workers have lost portable devices such as mobiles, USB drives and MP3 players containing work-related information.
More than half of these devices were lost at the drinking venue itself, whether it be the pub or at a work social event.However, taxis and public transport were also common places to lose portable gadgets.

Matt Fisher, vice president at Centennial, was quoted by Security Park saying: 'While it's understandable that people need to let their hair down over the festive period, these statistics are worrying.
'Data theft is a growing problem, and while employees need to be careful after a few too many drinks, employers also need to ensure they monitor who is connecting devices to the network and should also consider automatically encrypting data legitimately copied to mobile gadgets to ensure it is protected.

' The threat of Arse syndrome is made particularly acute by the fact that only 35 per cent of employees who have lost company information admitted it to their bosses.
Mr Fisher continued: 'If people are losing devices and not owning up to it, then organizations are in a very vulnerable position.
Not only could the customer database be sold on to the competition or organized criminal gangs, but it also opens the door to viruses.

It is very important that businesses have the necessary security to keep track of who is using which devices and why. After all, no one wants to make an Arse of themselves at Christmas.'

Read enough Bad News?

Don't become another statistic, purchase your protection on-line now.

Join the “Secure Me” Club today Free and as a member you’ll get:

• A complimentary copy of Ashton Wood’s e-book valued at $27:
  “16 Business Destroying Security Flaws Found In Many Companies…and How to Avoid Them."
• A free copy of our ideas-packed monthly newsletter
• Special member offers and discounts
• And much more…

Why not get your friends and colleagues to join and benefit too!

We will never rent or sell your email address and you may unsubscribe from the newsletter at any time. You will from time to time receive specials, discount benefits and we may bring to your attention solutions that we are impressed with which you might find of value.