Second-hand Hard Disk remnant data study

Duration

June 2004 – ?

Internal Participants

Craig Valli , Andy Jones (British Telecom) – (ECU Adjunct)

External Participants

Iain Sutherland (Glamorgan University), British Telecom(UK), Life-Cycle services(UK)

This is an ongoing study conducted by the group in collaboration with Glamorgan University, British Telecom and Life-Cycle services (UK). This involves the purchase of hard disks from physical auction sites and online auction sites on a random basis. Forensically valid images of the hard disks are then acquired and analysed. The analysis involves attempt to profile previous users by any remnant data that may be left on the drives.

The study has uncovered serious breaches and issues with the secure disposal of personal and corporate information. In all the studies data from national critical infrastructure providers was uncovered which could be used by terrorist organisations to create significant disruption of destruction of services. Furthermore, the types of data that were uncovered in the investigation would also be a rich repository of information for identity thieves.

The study has received significant press coverage and 2005 with over 90 news services running stories about the 2005 report. British Telecom public relations management estimated the net value of the exposure from the report at 370,000 UK pounds.

Publications

Jones, A., Valli, C., Sutherland, I. and Thomas, P. (2006) The 2006 Analysis of Information Remaining on Disks offered for sale on the second hand market, Journal of Digital Forensics, Science and Law, Vol 1. Issue 3

Valli, C. (2006) Your corporate information…going, going, gone to the highest bidder, Information Age, August, 2006

Valli,C., Jones, A. (2005). A UK And Australian Study Of Hard Disk Disposal, In Proceedings of the 3rd Australian Computer, Network & Information Forensics Conference, School of Computer and, Information Science, Edith Cowan University, Perth, Western Australia, pp.74-78.

Valli, C. (2004). Throwing out the Enterprise with the Hard Disk, In 2nd Australian Computer, Information and Network Forensics Conference, We-BCentre.COM, Fremantle Western Australia.

Events

March 2010
MonTueWedThuFriSatSun
  
1 2 3 4 5 6 7
8 9 10 11 12 13 14
15 16 17 18 19 20 21
22 23 24 25 26 27 28
29 30 31  

Latest News

Open Source Intelligence: Tradecraft & Tools – 12 March

February 25th, 2010

There has never been anything in the history of humankind that comes close to the ability of the Internet to reach to almost every part of the globe.  But, as with all new technologies, it comes at a cost—many costs, in fact.
The first Google index in 1998 captured 26 million pages, and by 2000 the [...]

secAU Special Interest Group Seminar: VoIP something old something new

February 5th, 2010

Over 30 years ago the “holy grail of hackers was the compromise and utilisation of PABX systems to enable free phone calls for voice and of course data at that stage. In response to this phenomenon PABX systems became increasingly secure and less able to be compromised. Now some 30 years on we now have [...]