Proactive IT Security
 

Slurping - a security issue often overlooked

2008.02.27

Slurping is not only a method for quenching your thirst. It is also a term for a particular kind of security issue that is often overlooked.

Slurping, or Pod slurping, describes using a USB stick to obtain information from the computer that the stick is attached to. Slurping can be accomplished with an ordinary USB stick or another device (MP3 player, iPod etc.). The storage capacity - several gigabytes - available in recent models of such devices creates a huge potential for stealing sensitive and confidential information from an organization. If the computer that has the device attached is connected to a corporate network with sufficient access rights, the potential is very scary.

Because it masquerades as a legitimate task, like copying music files or a presentation to/from the victim, the information theft can go unnoticed by the victim's organization.

More advanced schemes include using an autorun program set up to copy certain types of files onto the attached device. This can enable unnoticed information theft even if the computer's owner himself is the one who has attached the device and performs the innocent copying.

How to protect yourself and your organization

Several techniques for protection against slurping exist, e.g.:

  • Corporate policy that forbids attaching storage devices to USB ports
  • Software products that only allow pre-defined devices, or no devices, to be attached to any ports in the corporate network
  • Physical disabling of any USB ports
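
The "pre-defined devices" idea from the list above can also be used for monitoring. The following is an added example, not part of the original article and not taken from any product: it scans Linux kernel log lines for USB mass-storage attachments and reports every device that is not on an allowlist. The log excerpt, the allowlist and the function name are constructed for illustration, and the use of Linux kernel logs as the data source is an assumption.

```python
import re

# Constructed sample of Linux kernel log lines (dmesg format); all IDs and serials are made up.
SAMPLE_LOG = """\
[  101.10] usb 1-2: New USB device found, idVendor=0781, idProduct=5567, bcdDevice= 1.00
[  101.11] usb 1-2: SerialNumber: AAAA000011112222
[  101.20] usb-storage 1-2:1.0: USB Mass Storage device detected
[  250.40] usb 1-3: New USB device found, idVendor=046d, idProduct=c52b, bcdDevice=12.11
[  300.70] usb 1-4: New USB device found, idVendor=05ac, idProduct=1261, bcdDevice= 0.01
[  300.71] usb 1-4: SerialNumber: BBBB999988887777
[  300.80] usb-storage 1-4:1.0: USB Mass Storage device detected
"""

# Hypothetical corporate allowlist: (vendor id, product id, serial) of approved storage devices.
ALLOWED = {("0781", "5567", "AAAA000011112222")}

FOUND = re.compile(r"usb (\S+): New USB device found, idVendor=(\w{4}), idProduct=(\w{4})")
SERIAL = re.compile(r"usb (\S+): SerialNumber: (\S+)")
STORAGE = re.compile(r"usb-storage (\S+?):\S+ USB Mass Storage device detected")


def unapproved_storage(log_text, allowed=ALLOWED):
    """Return (port, vendor, product, serial) for each mass-storage attach not on the allowlist."""
    devices = {}   # port -> [vendor, product, serial]; reset on every new attach to that port
    alerts = []
    for line in log_text.splitlines():
        if m := FOUND.search(line):
            devices[m.group(1)] = [m.group(2), m.group(3), None]
        elif m := SERIAL.search(line):
            if m.group(1) in devices:
                devices[m.group(1)][2] = m.group(2)
        elif m := STORAGE.search(line):
            # Storage driver bound: unknown ports and devices without a serial are flagged too.
            vendor, product, serial = devices.get(m.group(1), [None, None, None])
            if (vendor, product, serial) not in allowed:
                alerts.append((m.group(1), vendor, product, serial))
    return alerts


if __name__ == "__main__":
    for alert in unapproved_storage(SAMPLE_LOG):
        print("unapproved USB storage device:", alert)
```

A check like this only reports attachments after the fact; it does not block the device. The vendor, product and serial values are reported by the device itself, so they identify approved hardware but are not proof of it.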