Second-hand Hard Disk remnant data study

Duration

June 2004 – ?

Internal Participants

Craig Valli , Andy Jones (British Telecom) – (ECU Adjunct)

External Participants

Iain Sutherland (Glamorgan University), British Telecom(UK), Life-Cycle services(UK)

This is an ongoing study conducted by the group in collaboration with Glamorgan University, British Telecom and Life-Cycle services (UK). This involves the purchase of hard disks from physical auction sites and online auction sites on a random basis. Forensically valid images of the hard disks are then acquired and analysed. The analysis involves attempt to profile previous users by any remnant data that may be left on the drives.

The study has uncovered serious breaches and issues with the secure disposal of personal and corporate information. In all the studies data from national critical infrastructure providers was uncovered which could be used by terrorist organisations to create significant disruption of destruction of services. Furthermore, the types of data that were uncovered in the investigation would also be a rich repository of information for identity thieves.

The study has received significant press coverage and 2005 with over 90 news services running stories about the 2005 report. British Telecom public relations management estimated the net value of the exposure from the report at 370,000 UK pounds.

Publications

Jones, A., Valli, C., Sutherland, I. and Thomas, P. (2006) The 2006 Analysis of Information Remaining on Disks offered for sale on the second hand market, Journal of Digital Forensics, Science and Law, Vol 1. Issue 3

Valli, C. (2006) Your corporate information…going, going, gone to the highest bidder, Information Age, August, 2006

Valli,C., Jones, A. (2005). A UK And Australian Study Of Hard Disk Disposal, In Proceedings of the 3rd Australian Computer, Network & Information Forensics Conference, School of Computer and, Information Science, Edith Cowan University, Perth, Western Australia, pp.74-78.

Valli, C. (2004). Throwing out the Enterprise with the Hard Disk, In 2nd Australian Computer, Information and Network Forensics Conference, We-BCentre.COM, Fremantle Western Australia.

Events

September 2010
MonTueWedThuFriSatSun
  
 1 2 3 4 5
6 7 8 9 10 11 12
13 14 15 16 17 18 19
20 21 22 23 24 25 26
27 28 29 30  

Latest News

ANZFSS (Sydney) and World Computer Congress (Brisbane)

September 3rd, 2010

secau Security Research Centre are attending the Australian New Zealand Forensic Science Symposium (ANZFSS) in Sydney and the World Computer Congress (WCC 2010) in Brisbane.  We have secured exhibition stands at each event, if you are in the area come and visit us, details below:
ANZFSS – 5-9 Septmeber, 2010
Sydney Convention and Exhibition Centre, Darling Harbour
secau are at stand [...]

Know Your Online Terrorist: the top ten ways to find radical elements whilst sipping a latte

September 3rd, 2010

This session looks at websites, social media and chat rooms as pathways to finding people and products that lead to radicalisation. From terrorist organizations to sporting fan clubs, (and everything in between) this presentation looks at the ease with which anybody can make a connection to anybody – and how you might not easily know [...]