Snuffling out the hackers
The following article was published in Business 550, January 2006. The text has been edited for use on this website.
First you had ‘Bluesnarfing’, then Podslurping, and now you have ‘Camsnuffling’ - the latest way for staff to sidestep security measures and download sensitive company information.
Hacking with a digital camera
According to Birmingham based IT service and IT support provider, Icomm Technologies, ‘Camsnuffling’, has become the new way for hackers to extract and store data with the help of a digital camera.
Like an iPod and Bluetooth, it is essentially just another digital storage device and by simply plugging it into a computer's USB port the user can obtain reams of sensitive data. Currently 80% of all malicious or accidental security breaches originate in this way.
As a common everyday appliance, however, the digital camera, like the iPod, is very hard to police, and by and large, simply unfeasible to ban.
Says Icomm’s Ian Callens: “This is a real threat to business continuity and data security. If someone is seen in the workplace using an iPod without permission it is relatively easier to police. Many businesses, however, now use digital cameras and spotting illegitimate use is very hard. They have all storage functionality and concealability of an iPod. The big difference is there are more cameras in circulation. This adds to the threat.
Managing the problem
“There are steps that can be taken to reduce rogue behaviour. Regularly change system passwords and issue internal memos to ask all to be vigilant, stating that observations are being undertaken. Finally consider adopting specific software to monitor activity to actively manage the access rights to removable storage devices. This will ensure that business productivity is not affected and guard against the removal of data or the introduction of appropriate or malicious content to the network.”
