If not redirected, please click here https://www.thesecuritybuddy.com/data-breaches-prevention/what-is-pod-slurping/
Nowadays we take several steps to
ensure safety of our data. We configure firewalls, install Intrusion
Detection and Prevention software and take help of anti-malware
programs to prevent theft of sensitive data. No doubt these help us a
lot. But, alas, there are still methods which can bypass all these
safety measures, irrespective of however strong they are, and steal
sensitive data. Pod Slurping is one such example.
What is Pod Slurping ?
Pod Slurping is a technique used by
miscreants to steal sensitive data from a system using some simple
devices like iPods, USB Sticks, Flash devices and PDAs. The
miscreants simply plug these devices to the system containing data and
transfer those within few minutes.
The vulnerability was first discovered
by Security Expert Abe Usher. He created a Proof of Concept by using
a small application slurp.exe and his iPod. He plugged in the device
to a computer and was able to transfer considerable amount of
sensitive data just in 65 seconds.
This attack is indeed a very simple,
but a serious one. If any miscreant who has physical access to a
computer, can use this technique. It does not require much software
knowledge to steal information using Pod Slurping.
And, it is much difficult to prevent
this. Almost every computer has USB ports enabled and anyone
including employees of a company possess devices like iPods, MP3
Players or USB Sticks.
How to prevent Pod Slurping ?
As I discussed above, it proves much
difficult to prevent Pod Slurping. In an organization, disabling USB
ports or prevent users from using USB Sticks is one method of
preventing this attack. But, it is no doubt inefficient. USB ports
and USB Sticks are much helpful in our daily life and preventing the
use of them will rather make our life difficult.
In Unix based systems Pod Slurping can
easily be prevented though, by preventing users from mounting
portable devices. Microsoft also has released instructions to prevent
users from installing USB mass storage devices on its Operating
Systems.
There are also a number of third-party
security products that allow companies to set security policies
related to usage of USB devices.
This article was intended to give
information on threats Pod Slurping. Hope you liked it.
Read More
How to prevent phishing ?
What is Typosquatting and how is it used for phishing and spreading malware ?
How to prevent Evil Twin ?
What is 2 Factor Authentication ?
What is Page Hijacking and how to prevent it ?
What are the different techniques used in social engineering ?
How to create a strong password ?
How does Network Segmentation improve security and what is VLAN ?
What is Web Application Firewall ?
How can SPF, DKIM and DMARC prevent email spoofing ?
What is Biometrics and how is it used in authentication ?
Read More
How to prevent phishing ?
What is Typosquatting and how is it used for phishing and spreading malware ?
How to prevent Evil Twin ?
What is 2 Factor Authentication ?
What is Page Hijacking and how to prevent it ?
What are the different techniques used in social engineering ?
How to create a strong password ?
How does Network Segmentation improve security and what is VLAN ?
What is Web Application Firewall ?
How can SPF, DKIM and DMARC prevent email spoofing ?
What is Biometrics and how is it used in authentication ?
No comments:
Post a Comment