A UK think tank has concluded that the prevalence of portable storage devices and mobile phones will be the biggest headache for those who want to protect data and ensure total system security over the coming 12 months.
The Digital Systems Knowledge Transfer Network has made this announcement, with director, Tony Dyhouse, saying that devices capable of storing data in a portable form factor, will allow cybercriminals the opportunity to exploit new security weaknesses in 2011.
It is not just the data storage abilities of these devices but also the fact that they can connect to wireless networks that makes them vulnerable, according to Mr Dyhouse.
He expects hackers to find new ways of hijacking the data being sent and received over Wi-Fi and Bluetooth, allowing criminals to act in a clandestine manner which is difficult to detect, while harvesting significant amounts of information.
Mr Dyhouse believes that the average user needs to wise up to the potential threats posed by using this type of device. He said that the firms which provide portable gadgets will not take responsibility for the security in the event of data loss and, as such, it is down to the end user to act as ultimate guardian of the details stored within.
The potential for human error to result in data loss or even for users to become complicit in data theft, is of great concern among security professionals and the think tank is urging organisations to make employees take responsibility for how they use portable devices.
Mr Dyhouse emphasised the fact that he is not expecting every user to become an expert in data protection overnight, but, instead, is seeking an improvement in the general level of understanding with regards to how cybercriminals operate and how they leverage social engineering to prey on their victims.
Mr Dyhouse told Infosecurity Magazine, that the government’s pledge of investing £650 million to help combat the threat of cybercrime was a positive step, but that when compared to the losses suffered by businesses, it is a fraction of what is required.