MI6 agent loses unencrypted USB stick containing years of drug trafficking intelligence in Columbia

(28/04/2009)

The need to use encryption when dealing with sensitive information has been once more highlighted, following the case of an MI6 agent who apparently left an unencrypted USB stick containing several years worth of drug trafficking intelligence on an airport bus in Columbia.

"Newswire reports suggest that, in leaving her handbag containing the USB stick on a transit bus at Bogota airport, the agent has compromised the work of several of her fellow agents," said Michael Callahan, Credant Technologies's senior vice president

"Reports also suggest that the loss of the USB stick has forced drug enforcement officials to relocate several of their agents and informants. If the data had been encrypted, however, this reaction would not have been necessary," he added.

According to Callahan, that the loss of a single USB stick should have compromised the activities of so many agents and their informants illustrates what a happen as a result of a single data loss incident. It also, he explained, highlights what can happen when a single lapse in IT security policy occurs and the potential for the lapse to cause problems at multiple levels.

Callahan went on to say that Colombia may well be problematic when it comes to law enforcement, but implementing an effective IT security policy that requires data held on portable devices to be encrypted is far from being a high technology issue. "This really comes down to common sense security. It's a great shame to see the UK Security Service embarrassed by a single data leak incident, but it is a security policy failure, nonetheless," he added.

The irony that this comes in a week when Europe's number one dedicated Information security event, Infosecurity Europe, takes place isn't wasted on Grant Gutteridge, Director at the Stonewood Group who manufacture the PICO Freedom, a memory stick designed to keep data completely secure.

The blunder, that has cost taxpayers millions of pounds, put scores of lives at risk and thrown the war against drug traffickers into disarray was entirely avoidable. The technology, he argues, is available and the data loss totally preventable. "It's scandalous that data loss of this magnitude was able to happen and that the technology is still not being put in place to protect data should it be mislaid, lost or stolen, " said Grant. The casualness in which the data was managed and handled begs belief.

The PICO Freedom, is part of the Eclypt family of totally encrypted simple to use "plug and play" USB connect drives. The PICO and the larger capacity drive Freedom which has a storage capacity of half a terabyte automatically encrypts data that is stored in it, 100% of the time. It is tamper resistant and password controlled, designed to lock down after a few failed attempts.

Related topics:  Data management and data security   Encryption 

Print version | Email to a friend | Related articles

Data breaches: Trends, costs and best practices gives you all the latest information on securing personal and corporate data, key recommendations for immediate action to improve data security, and how to respond to data breaches.

Other Security news and resources