Eircom has announced that in December a number of company laptops were stolen. The laptops, which contain information of almost 7000 employees and customers were not encrypted.

Financial information, passport copies & driving licences comprise some of the data that was stored on the devices.

While there is currently no evidence that the information has been used fraudulently, in the right (or wrong as the case may be) hands, this kind of information could be a little goldmine for criminals.

Eircom have announced that they are currently reviewing encryption policies for mobile devices.

A new Trojan which has been reported to sniff out sensitive corporate data has recently emerged.

The Trojan.Spy.YEK registers itself as a system service through an encrypted dll and awaits instructions from a command and control type center. It then uploads the gathered information to an FTP server unknowns to the user. The software can run on all versions of Windows.

Many media organisations are reporting that this Trojan cannot be stopped, however a simple and effective security policy in place could easily thwart malicious software such as this. Most corporate users have no requirement to connect to FTP servers and a simple set of firewall rules disallowing this type of connection would be sufficient to stop this Trojan in it’s tracks.

Malicious software such as this takes advantage of poorly protected networks that do not have specific rules in place that block unnecessary traffic from computer systems.