Security news12 September 2007
Sophos welcomes arrest of man accused of identity theft through file sharing The US Justice Department made its first arrest of someone using file-sharing digital data to commit identity theft
Sophos, a world leader in IT security and control, welcomes the news that the US Justice Department made its first arrest of someone using file-sharing digital data to commit identity theft.
Gregory Thomas Kopiloff used the file-sharing program, Limewire, to steal people's personal financial information, which he then used to open new credit card accounts. According to a four-count indictment, Kopiloff charged as much as $73,000 on the cards, reselling all of the purchased items at half-price and keeping the rest. Authorities have identified 83 victims so far.
Concerns about the security of P2P file-sharing applications such as Limewire have been growing during the past several years. Because of the network framework that drives P2P, individuals are able to share files unknowingly, meaning there is a significant opportunity for hackers to access private (and often confidential) information to use to their advantage. Current P2P networks do not have adequate security measures to block users from unknowingly sharing information or warn them that it's happening.
"P2P networks present risks to not only businesses, but also home computer users," said Ron O'Brien, Boston-based Sophos senior security analyst. "For example, if one person in the house downloads an application and stores the file in the 'My Documents' folder and a hacker happens to gain access to that P2P file, he or she can search any file within the entire folder. If the owner of that file has personal documents like medical records, resumes, documents with their address or phone number on it, or any other private, personal information, the hacker can access any of it."
Solutions such as Sophos's Application Control offer network administrators relief from these potentials threats. Application Control allows system administrators to selectively block unauthorized VoIP, P2P, games and Instant Messaging (IM) applications that can present risks to company data and networks. Sophos's solution gives system administrators the power to selectively allow or block usage of applications by individuals or groups. As a result, they can implement flexible policies that reflect the diverse needs of groups across the enterprise. Sophos currently blocks Limewire, as well as popular P2P sites emule, bitorrent, utorrent, morpheus and Azureus.
"Until file-sharing networks integrate enhanced security features, it is imperative that businesses and household users of such programs take proactive measures to protect their intellectual property and private information against potential hackers fishing for personal information to use to their advantage," continued O'Brien. "While implementing technologies like application control solutions is one way to protect yourself, computer users must remember to always update or employ the most recent security features offered to guarantee the utmost protection."
- Find out how to stay secure against a wide range of threats.
- Get more information on Sophos's Application Control.
Free virus scan
- Free virus, spyware, and adware scan
- Test your existing anti-virus protection
- Find threats your anti-virus missed
About Sophos
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.
