Sin 13: Information Leakage

Overview of the Sin

When we talk about information leakage as a security risk, we're talking about the attacker getting data that leads to a breach of security policy, whether implicit or explicit. The data itself could be the goal (such as customer data), or the data can provide information that leads the attacker to their goal.

At a high level, there are two primary ways in which information gets leaked:

  • By accident: The data is considered valuable, but it got out anyway, perhaps due to a logic problem in the code, or perhaps through a non-obvious channel such as error messages, timing, or debug output. Or the data would be considered valuable if the designers were to recognize the security implications.

  • By intention: Usually there is a mismatch between the design team and the end user as to whether the data should be protected at all. These are usually privacy issues.
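As an added example (not code from the book), the following Python shows the "by accident" case in a login routine written two ways. The leaky version discloses through its response text whether a username exists and what the backend threw; the hardened version returns one uniform message to the caller and keeps the detail in a server-side log, and it hashes even for unknown users so response timing does not become a non-obvious channel. The user store, the simulated backend failure and all messages are constructed for this example.

```python
"""Accidental information leakage in an authentication response (added example)."""
import hashlib
import hmac
import logging
import os

logging.basicConfig(level=logging.INFO)
log = logging.getLogger("auth")


def _hash(password: str, salt: bytes) -> bytes:
    """PBKDF2-SHA256; a real deployment would tune iterations higher."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


# Constructed user store: username -> (salt, password hash).
_SALT = os.urandom(16)
USERS = {"alice": (_SALT, _hash("correct horse", _SALT))}


class BackendError(Exception):
    """Stand-in for a database or directory failure."""


def _lookup(username: str):
    if username == "dbdown":  # constructed trigger: simulate an infrastructure failure
        raise BackendError("connection to db01.internal:5432 refused")
    return USERS.get(username)


def login_leaky(username: str, password: str) -> str:
    """Sinful: every failure branch returns a different, detailed message."""
    try:
        rec = _lookup(username)
    except Exception as e:
        return f"Error: {e}"             # leaks internal hostnames and ports
    if rec is None:
        return "Unknown user"            # confirms the account does not exist
    salt, stored = rec
    if _hash(password, salt) != stored:  # != on bytes is not constant-time either
        return "Wrong password"          # confirms the account does exist
    return "OK"


def login_hardened(username: str, password: str) -> str:
    """Fixed: one message for all failures; detail goes to the server log only."""
    generic = "Login failed"
    try:
        rec = _lookup(username)
    except Exception:
        log.exception("backend failure during login for %r", username)
        return generic
    # Always run the expensive hash, against a dummy record if the user is
    # unknown, so the response time does not reveal whether the account exists.
    salt, stored = rec if rec is not None else (_SALT, b"\x00" * 32)
    if rec is None or not hmac.compare_digest(_hash(password, salt), stored):
        log.info("failed login for %r", username)
        return generic
    return "OK"


if __name__ == "__main__":
    for fn in (login_leaky, login_hardened):
        print(fn.__name__, [fn(u, "x") for u in ("alice", "bob", "dbdown")])
```

Run stand-alone, the leaky function prints three distinguishable responses for a wrong password, an unknown user and a backend failure; the hardened one prints "Login failed" for all three, while the distinguishing detail appears only in the process's own log.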

The reason accidental disclosure of valuable data through information leakage occurs so often is a lack of understanding of the techniques and approaches of the attackers. An attack on computer systems begins very much like an attack on anything else: the first step is to gain as much information as possible about the target. The more information your systems and applications give away, the more tools you've handed the attacker. Another aspect of the problem is that you may not understand what types of information are actually useful to an attacker; version banners, stack traces, internal hostnames and differing error messages all narrow the attacker's search.

The consequences of information leakage may not always be obvious. While you may see the value in protecting people's Social Security numbers and credit card numbers, what about other types of data that may contain sensitive information? Data from Jupiter Research in 2004 showed that business decision makers were concerned about e-mails and sensitive documents being forwarded unintentionally, and mobile devices being lost. Hence, sensitive data should be protected appropriately and with diligence.



19 Deadly Sins of Software Security. Programming Flaws and How to Fix Them
Writing Secure Code
ISBN: 71626751
Year: 2003
Pages: 239
