Data theft

Carding

Data theft is the unauthorized extraction of information from its storage locations, which is usually carried out by hacking network resources. The volume and value of data increases every year, and with them the number of thefts inevitably increases. Cybercriminals steal information from government agencies, large and small companies, non-profit organizations, and individuals.

The consequences of intentional leaks of this kind can be very different - from the loss of business reputation to serious intergovernmental scandals, although more often than not, theft of information ultimately means the loss of money.

Classification and methods of data theft

All data theft is carried out either by interception of messages on communication lines, or through theft of the information carrier. The main scenarios are described below.

Theft of physical media

The most direct and crude method. Most modern devices - laptops, smartphones, tablets, pluggable external drives and flash drives - are small enough to be stolen in passing, simply by walking past the table where they lie (for example, if the owner has left the workplace for a minute).

Hard drives can be stolen from large computers, and not necessarily permanently. It's easy to imagine an attacker who will eject a disk after the end of the working day, copy all the information that interests him and return the drive to its place early the next morning. In such a scenario, the owner of the device will not even guess about unauthorized access to his data.

Theft through access to media

With physical access to the media, an attacker can simply work on the computer in the absence of the owner. Lunch breaks, lengthy meetings, the time after the owner leaves at the end of the working day - an attacker among colleagues has many opportunities to sit at someone else's keyboard. If the account password is weak or missing, then anyone who works nearby can steal the data. However, even a very good password does not always help: in the end, an employee may openly ask permission to use the device, citing a malfunction of his own computer and the need to urgently send a letter or file. After that, for example, a USB flash drive with a malicious program that downloads data is connected to the machine.

The ability to spy on information belongs to the same category. Cases are common when many employees work in one large room without partitions, and neighbors can clearly see who is doing what. Accordingly, the criminal can either observe personally or install a small camera that will record everything that was displayed on the screen of someone else's monitor.

Remote theft over the network

If the machine is connected to a wired or wireless network, then direct physical access to it is not necessary. There are many viruses, Trojans, backdoors, and other malicious agents available on the Internet, which an attacker can inject in various ways (for example, by exploiting vulnerabilities). Also, data can be intercepted using sniffers if the communication channels are poorly protected.

Stealing data from external servers

Finally, if data is stored on the Internet (in a cloud storage, on a mail server, etc.), then criminals can gain unauthorized access to these resources. For users, such a scenario is dangerous because, apart from setting a good password, they have no other way to influence the safety of the information - all software and all access settings are controlled by the owner of the service.

Objects of influence

Data theft objects can be divided into two main types: physical storage media and logical (virtual) entities.

Access to physical media is possible through direct theft, temporary removal outside the perimeter, or asking the owner of the computer for permission to work on his machine for a short time. An attacker can also install malicious programs from external media that steal data and transmit it over the network to an external server.

Informational and logical influence is carried out by searching for vulnerable or outdated software, unprotected ports, by selecting logins and passwords. The latter, by the way, is also relevant in the case of media theft - with the difference that when a laptop or smartphone is stolen, the criminal may not be in a hurry, while temporary or remote access implies the need to hack the system quickly.

Reasons for data theft

In Hollywood films, thefts are committed by teams of professionals, where each performs his own task, and the most complex plan is calculated in seconds. In real life, the vast majority of thefts are caused primarily not by the skill of the attacker, but by the carelessness of the owner. Theft of information is no exception: in some cases, the user himself provides access to his assets.

First of all, this concerns the attitude towards data carriers, which often turn out to be out of sight and reach of the owner, who has gone away for a cup of coffee or on a call from the authorities, so that anyone passing by can steal them. Accordingly, it is better to always carry smartphones, flash drives and external drives with you; a laptop should be left under the supervision of reliable friends, and a stationary computer should be kept in a room with physical protection.

Login to any system must be password protected. It is useful to have three accounts at once - not only an administrator and a user, but also a guest with minimal rights (for unauthorized persons). Additionally, you can encrypt especially important files and folders. All passwords should be complex - upper and lower case letters, numbers, no meaningful words or information related to the owner of the computer.

The programs used must be updated in a timely manner, and antivirus software is required. If possible, you should avoid any questionable resources - those containing adult or any other prohibited content, or illegally distributing films, books, programs, music. Many are attracted by the idea of fighting copyright, but not all supporters of the free distribution of information work for free: a virus hidden in a modified file will cost users much more than an official purchase.

Also, do not follow links, especially those that come from an unfamiliar address. They usually lead to phishing sites. It is better to ignore links to websites of mobile banking and electronic payment systems altogether, wherever they are located - it is safer to just type the desired address directly in the browser.

Finally, one should not succumb to methods of psychological manipulation (social engineering). If a stranger calls you, introduces himself as a bank employee or someone else, and asks for an account number, PIN code, CVC or other confidential information, then you should not tell him anything, even if he threatens you with account blocking, loss of money, etc. In such cases, you need to contact the bank through official channels.

Data theft risk analysis

As already noted, most thefts are not caused by cunning plans of intruders, but by the carelessness of users. Do not leave your flash drive and smartphone unattended, protect your laptop and computer with a complex password, log out of the system, even if you are away only for a couple of minutes - and the likelihood of success of criminals will noticeably decrease.

The problem of data theft is especially difficult in large companies. Employees sit in one large room, everyone can see what is happening on the monitors of colleagues, and besides, clients or neighbors in the office complex can enter the room. Information wanders from computer to computer on dozens of flash drives, and the practice of using other people's machines is the norm. Sometimes there are several standard logins and passwords that everyone knows. In such conditions, leaks are inevitable.

Ideally, every workplace should be fenced in. If this is not possible, individual cells should receive at least those machines where important and confidential information is processed. There should not be any general, universal accounts and access codes: for each employee - a personal login and password. The credentials should be issued by the administrator, in order to avoid the appearance of simple and primitive combinations. You should also make sure that there are no papers with passwords in the workplace. If the employee is unable to remember the password, then at least let him carry a note with him in his wallet: all people pay due attention to the safety of the wallet.

It is advisable to accustom all employees to the idea that if they allow a colleague to temporarily work on their machine, then it is better for them to log out: let the employee log in under his own name. This allows you to avoid getting someone else's access rights and track who is showing suspicious activity.

Important and confidential data on servers must be password protected; it is desirable that they be seen only by those who are allowed access to them.

However, when developing rules for protecting information, one should not be overzealous. When toilet paper purchases are classified as a nuclear bomb device, employees begin to perceive such measures not as information security policy, but as tyranny of their bosses - and, therefore, break the rules wherever there is no direct supervision.

It is also important to consider that any strengthening of data protection has its price - both direct (the cost of software and hardware products) and indirect (complication of work, reduced performance). Therefore, a set of measures to protect information should be developed so that its costs are commensurate with the possible damage from a data leak.
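
The advice above on personal accounts instead of shared logins, and on having a colleague log in under his own name, can be checked against login records. The following Python sketch is an added example, not part of the original post; the log format, account names and workstation names are constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime

# Constructed sample events (not from a real system):
# timestamp, account, workstation, action
SAMPLE_LOG = """\
2024-03-04T09:00:12 alice WS-014 login
2024-03-04T09:02:40 office WS-021 login
2024-03-04T09:05:03 office WS-033 login
2024-03-04T12:30:00 alice WS-014 logout
2024-03-04T12:41:19 bob WS-014 login
2024-03-04T13:10:00 office WS-021 logout
2024-03-04T13:15:45 bob WS-014 logout
2024-03-04T13:20:00 alice WS-014 login
2024-03-04T17:55:00 office WS-033 logout
2024-03-04T18:01:00 alice WS-014 logout
"""


def parse(log):
    """Yield (time, account, host, action) tuples from the constructed format."""
    for line in log.splitlines():
        if not line.strip():
            continue
        ts, account, host, action = line.split()
        yield datetime.fromisoformat(ts), account, host, action


def concurrent_use(log):
    """Accounts that were logged in on two or more workstations at once.

    One person cannot sit at two desks, so an overlap points to a
    shared login or to a password known to someone else.
    """
    open_hosts = defaultdict(set)   # account -> hosts with an open session
    flagged = defaultdict(set)      # account -> hosts involved in an overlap
    for _, account, host, action in sorted(parse(log)):
        if action == "login":
            open_hosts[account].add(host)
            if len(open_hosts[account]) > 1:
                flagged[account] |= open_hosts[account]
        elif action == "logout":
            open_hosts[account].discard(host)
    return {a: sorted(h) for a, h in flagged.items()}


def accounts_per_host(log):
    """Which personal accounts logged in on each workstation.

    When a borrower logs in under his own name, his activity on a
    colleague's machine stays attributable to him.
    """
    seen = defaultdict(set)
    for _, account, host, action in parse(log):
        if action == "login":
            seen[host].add(account)
    return {h: sorted(a) for h, a in seen.items()}
```

On the sample data, `concurrent_use` reports the common `office` account, while `accounts_per_host` shows that the session on WS-014 during the lunch break belongs to `bob`, not to the machine's usual user.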
 