FTC notifies almost 100 organisations of P2P data leaks

Filed Under: Data loss, Podcast

The Federal Trade Commission has notified close to 100 US organisations of serious P2P-related security breaches that have exposed consumers to the risk of identity theft and fraud.

The use of P2P file-sharing networks to download music and movies opens the door for data loss both in the office and on consumers' personal PCs, when users take work home in the evening or at weekends.

Sample FTC notification about data loss on P2P file-sharing networks

The worry is that there are now cybercriminal gangs who scavenge the file-sharing networks, hunting for sensitive work documents such as financial records, driving licences and social security numbers.

If not configured properly, Kazaa, Limewire and other P2P file-sharing networks can scoop up files on your computer that you would probably prefer the whole world didn't have access to - not only embarrassing your company, but also putting your firm, your fellow employees and your customers at risk.

The FTC's warning acts as a stern reminder to companies worldwide towards the dangers posed by P2P file-sharing in the work environment, and the need to control the movement of sensitive data.

A survey conducted by Sophos revealed that 86.5% of organisations would like the ability to block P2P file-sharing applications, with 79% indicating that blocking is essential. These statistics point towards the concerns felt by most businesses with regard to protecting their data.

Last year, a US House of Representatives Committee hearing revealed that a confidential document was shared via the Limewire peer-to-peer (P2P) file-sharing network. This document contained details of the secret service safe house that would be used by Michelle Obama in the event of the White House being evacuated. In addition, the hearing heard that sensitive details regarding the location of every nuclear facility in the USA were available via file-sharing systems.

The Obamas suffered again at the hands of a P2P data leak, when sensitive blueprints regarding the US Presidential "Marine One" helicopter appeared on a peer-to-peer file-sharing network from an IP address located in Tehran.

There have been countless other incidents of data being leaked accidentally through file-sharing networks.

A Sophos survey found that uncontrolled applications are causing serious concern for system administrators. For example, 86.5% of respondents said they want the opportunity to block P2P applications, with 79% indicating that blocking is essential.

View the wide-ranging list of applications that Sophos is able to control on your network.


By the way, if you enjoy the podcast you can download many more via iTunes or directly from our website.

,

You might like

About the author

Graham Cluley is an award-winning security blogger, and veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.