Emptying the Recycle Bin is useless: hackers can "restore it in seconds"

2024.05.17

Did you know? Files deleted from a computer can be "recovered" by an attacker in seconds.

We all delete files in our daily work, but few of us stop to ask whether those files are really gone. Sending them to the Recycle Bin with one click and then clicking "Empty Recycle Bin" feels like the end of the matter.


That is not the case. Although the deleted files have vanished from the Recycle Bin, they still exist on the computer's storage. Nothing is moved and nothing is erased; only the file system's record of the file is removed.

Be aware that deleted files may contain large amounts of confidential information and sensitive data. If that data is not handled properly and an attacker recovers it with readily available tools, the result can be heavy losses for a company or an individual.

According to the "Privacy for Sale" study conducted jointly by Blancco and Ontrack, more than 40% of second-hand hard drives still contain data left by their previous users. This leftover data includes large quantities of corporate and employee emails, photos and documents, exposing both users and employers to privacy, financial and reputational harm, and more than 15% of the drives held sensitive information. Making sure that files are really gone therefore matters to all of us.

Where did the deleted files go?

In fact, when we delete a file, the operating system only removes the file's entry from the file system's directory structure. The file's contents remain in place on the hard disk.

Put simply, the data is still on the drive. The space it occupied is now marked as free, and new data may be written there at any time, but until that happens the old bytes are untouched. Deleting a file deletes the pointer to the data, not the data itself. The deleted file still exists on the disk; it has merely become invisible to the operating system.


The delete command only marks the directory entry as free (and the file's clusters as available in the allocation metadata); it makes no change to the data area. Because deletion does not erase the data area, data recovery tools exploit this: they bypass the file system's directory and allocation structures (the FAT, or the $MFT and $Bitmap on NTFS), read the data area directly, and reconstruct the deleted files from it.

At this point some readers will ask: if sending files to the Recycle Bin and emptying it does not destroy the data, what about formatting the drive? A quick format only creates a new, empty file index for the operating system, which amounts to much the same thing as emptying the Recycle Bin. It marks every sector as "unused", so the operating system believes the disk holds no files, but the data area itself is left alone (a full format on current versions of Windows does write zeros over the volume, which is why recovery vendors specifically warn about quick formats). Data on a quick-formatted drive can therefore be recovered with the same data recovery software.
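To make the mechanism concrete, here is an added example in Python, written for this page rather than taken from the original article: a toy volume with a FAT-style directory cluster followed by a data area, a constructed PNG-like file, and a signature carver of the kind recovery tools use. Deleting the file flips one byte in its directory entry, a quick format zeroes the whole directory, and in both cases the carver still pulls the file out of the raw data area; only when new data is written over the same clusters does it disappear. The on-disk layout (16-byte entries, 512-byte clusters, an 0xE5 deletion marker) is an assumption chosen for illustration, not any real file system.

```python
import struct

CLUSTER = 512                    # bytes per allocation unit
N_CLUSTERS = 16                  # 8 KiB toy volume; cluster 0 is the directory
ENTRY = struct.Struct("<8sII")   # directory entry: name[8], first cluster, length
DELETED = 0xE5                   # FAT-style marker: first name byte of a deleted entry

# Constructed sample file: PNG signature + payload + IEND trailer (not a real image).
PNG_SIG = b"\x89PNG\r\n\x1a\n"
PNG_END = b"IEND\xaeB`\x82"
SAMPLE_PNG = PNG_SIG + b"<constructed payload: payroll_2024 scan>" + PNG_END


class ToyVolume:
    def __init__(self):
        self.image = bytearray(CLUSTER * N_CLUSTERS)

    def _slots(self):
        """Yield (offset, (name, first_cluster, length)) for every directory slot."""
        for off in range(0, CLUSTER, ENTRY.size):
            yield off, ENTRY.unpack_from(self.image, off)

    def _live(self):
        """Directory entries that have not been deleted."""
        for off, (nm, first, length) in self._slots():
            if nm[0] not in (0, DELETED):
                yield off, nm.rstrip(b"\0").decode(), first, length

    def _used_clusters(self):
        """Like a FAT chain or NTFS $Bitmap: only clusters referenced by live entries."""
        used = {0}
        for _, _, first, length in self._live():
            used.update(range(first, first + max(1, -(-length // CLUSTER))))
        return used

    def write_file(self, name, data):
        need = max(1, -(-len(data) // CLUSTER))
        used = self._used_clusters()
        run, first = 0, None
        for c in range(1, N_CLUSTERS):            # first-fit allocation
            run = 0 if c in used else run + 1
            if run == need:
                first = c - need + 1
                break
        if first is None:
            raise OSError("volume full")
        start = first * CLUSTER
        self.image[start:start + len(data)] = data
        for off, (nm, _, _) in self._slots():
            if nm[0] in (0, DELETED):             # reuse a free or deleted slot
                ENTRY.pack_into(self.image, off, name.encode(), first, len(data))
                return
        raise OSError("directory full")

    def list_files(self):
        return [name for _, name, _, _ in self._live()]

    def read_file(self, name):
        for _, nm, first, length in self._live():
            if nm == name:
                start = first * CLUSTER
                return bytes(self.image[start:start + length])
        return None

    def delete_file(self, name):
        """What 'Empty Recycle Bin' amounts to: one byte changes in the directory."""
        for off, nm, _, _ in self._live():
            if nm == name:
                self.image[off] = DELETED
                return True
        return False

    def quick_format(self):
        """Quick format: a fresh, empty directory; the data area is untouched."""
        self.image[0:CLUSTER] = bytes(CLUSTER)


def carve_png(image):
    """Signature carving: ignore the directory and scan the raw bytes, as recovery tools do."""
    found, pos = [], 0
    while (start := image.find(PNG_SIG, pos)) != -1:
        end = image.find(PNG_END, start)
        if end == -1:
            break
        found.append(bytes(image[start:end + len(PNG_END)]))
        pos = end + len(PNG_END)
    return found


def demo():
    vol = ToyVolume()
    vol.write_file("payroll", SAMPLE_PNG)
    r = {"listed_before": vol.list_files()}
    vol.delete_file("payroll")
    r["listed_after_delete"] = vol.list_files()          # [] : the OS says it is gone
    r["read_after_delete"] = vol.read_file("payroll")    # None
    r["carved_after_delete"] = carve_png(vol.image)      # the carver still finds it
    vol.quick_format()
    r["carved_after_format"] = carve_png(vol.image)      # ...and after a quick format
    vol.write_file("notes", b"Q" * (3 * CLUSTER))        # new data lands on the same clusters
    r["carved_after_overwrite"] = carve_png(vol.image)   # now it is really gone
    return r


if __name__ == "__main__":
    for k, v in demo().items():
        print(k, v)
```

Run it and compare `listed_after_delete` with `carved_after_delete`: the directory says the volume is empty while the carver returns the whole file. The last step is the one point where the data actually disappears, and it happens only because a later write happened to land on the same clusters, which is exactly the uncertainty the article warns about.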

Taken together: because the carrier is different, data files, which live on physical storage media such as USB drives, tapes, hard disks and optical discs, are harder to destroy than paper files, and the procedures are more involved. Whether you reformat the drive (especially with a quick format), delete files from the live system, or merely drag them to the Recycle Bin, the information remains. Each of these removes only the pointers to the data, not the data itself. When disposing of files it is crucial to use effective, certified and proven sanitization methods; only a correct and thorough destruction process actually removes the data.

The consequences of inadequate data destruction are "chilling"

In today's era of information explosion, data has become one of an enterprise's most valuable assets. With the rapid development of big data, cloud computing and the Internet of Things, the volume of data that enterprises accumulate, store and process is growing at an unprecedented rate.

The enormous value of that data brings equally unprecedented security concerns. Data leaks, unlawful use and violations of personal privacy occur frequently and seriously damage enterprises' economic interests and brand image. Data destruction is therefore a key link in the data lifecycle, and its importance to enterprises is self-evident.

If an enterprise fails to destroy its redundant data completely, it is left with a false sense of security and may leak large volumes of information: emails, confidential documents and other sensitive material that an attacker can obtain and misuse, exposing the enterprise to serious risk.

According to the Identity Theft Resource Center, beyond the intrusion risk, stricter data protection rules such as South Africa's Protection of Personal Information Act (POPIA) and the EU's General Data Protection Regulation (GDPR) mean companies cannot be lax about information management. Both embody the principle of storage limitation, which requires businesses to delete personal data once it is no longer needed. Storage costs and capacity limits are a further challenge for many companies.

Data destruction is the final stage of data processing. A failure at this stage that leads to a leak not only harms the individuals whose personal information is involved but can also expose corporate trade secrets, and may even affect society, the public, and national security and development. These consequences are not alarmist: leaks occur every year, and apart from deliberate attacks, many of them stem from data processors mishandling data at the point of destruction.

Tesla has previously been reported to expose user data through discarded parts. Its Media Control Unit (MCU) stores a large amount of personal data. Although Tesla requires staff to confirm manually that the ports of a retired MCU have been destroyed, retired units are in fact traded, and those with intact ports fetch higher prices. A hacker who collected such units said the user information left on them gave him the owners' phone numbers and home addresses with little effort.

This is not an isolated case. Companies have neglected to destroy data on office equipment, and others have obtained the confidential information and used it to defraud users in the company's name. Nor is the risk limited to computers: discarded routers, printers, shredders and other enterprise equipment can all cause security incidents if the data on them is not thoroughly destroyed.

Earlier, researchers from the security company ESET bought 18 second-hand core routers online and examined the data left on them: 4 Cisco ASA 5500 units, 3 Fortinet FortiGate units and 11 Juniper Networks SRX Series Services Gateways. Researchers Cameron Camp and Tony Anscombe found that more than half of the devices still held complete, accessible configuration data and were still fully functional. One device was dead on arrival and excluded; two were mirror images of each other and counted as one, leaving 16 devices. Of those, only 5 had been fully wiped and 2 had been almost fully wiped, with the remaining configuration data hard to access. The other 9 retained the previous owner's complete configuration, including owner information and the configured network and system connections, all readable by anyone holding the device.

Some routers held customer information, data that would let a third party connect to the network, and even "credentials to connect to other networks as a trusted party". Of the 9 routers with complete configurations, 8 also retained router-to-router authentication keys and hashes. The exposed corporate details extended to complete maps of sensitive applications hosted on-premises or in the cloud, such as Microsoft Exchange, Salesforce, SharePoint, Spiceworks, VMware Horizon and SQL. With application versions and network topology laid out by the router, an attacker can select exploits for specific targets across the whole network.

Within an enterprise, such detailed internal information is normally accessible only to senior technical staff, such as network administrators and their managers.

But when the data is not fully destroyed, an attacker holding a second-hand core router can use its sensitive contents to plan attack paths and move deep into the network undetected. With that level of network detail, impersonating a network or an internal host becomes much simpler, all the more so because second-hand routers often also hold VPN credentials or other easily abused authentication tokens.

Worse, analysis of the recovered data showed that some of the routers came from managed IT providers, which operate the networks of many large companies. One managed security service provider (MSSP), for example, handled networks for hundreds of customers in education, finance, healthcare, manufacturing and other sectors. The result is chilling, and the importance of data destruction speaks for itself.

Although China has not yet enacted nationwide laws or regulations specifically on data destruction, local governments have issued documents regulating the management of government and public data and supervising corporate data compliance, and these explicitly require a data destruction system to be established:

(Table of local regulations not reproduced here; information compiled from official websites of local governments.)

Data destruction is the last line of defense for data security

Implementing data destruction requires not only rules at the institutional level but also technical means; without destruction technology, the rules are a castle in the air. Current data destruction techniques fall broadly into two categories:

The first is media destruction: the medium holding the data is itself destroyed, for example by incineration, high temperature or shredding; by degaussing, in which a degausser applies a strong magnetic field to a magnetic (mechanical) disk so the recorded data is destroyed (degaussing has no effect on flash-based media such as SSDs); or by chemical destruction with acidic or alkaline corrosives.

The second is data erasure, also called logical destruction: the medium is left intact and only the data is destroyed, for example by overwriting it so that it cannot be restored, or by cryptographic erasure, where the data is kept encrypted and the key is destroyed so that recovering it is "beyond current computing power". One caveat: on SSDs and other flash media the controller remaps blocks, so overwriting at the file or volume level does not reliably reach every copy; device-level sanitization (ATA Secure Erase, NVMe Sanitize or crypto-erase) is the appropriate method there.
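As an added example (mine, not the article's), the following Python implements the overwrite approach at file level using the commonly cited DoD 5220.22-M three-pass pattern (a fixed byte, its complement, random data), with fsync after each pass and a hash-based read-back verification of the final pass, followed by scrubbing the file name and unlinking. The file name, the secret marker and the temporary directory are constructed for the demonstration. The practitioner's caveat is in the comments: on SSDs and copy-on-write file systems this does not reliably reach every copy of the data, and device-level sanitization is the right tool there.

```python
import hashlib
import os
import secrets
import tempfile

# Commonly cited DoD 5220.22-M three-pass pattern: a fixed byte, its
# complement, then random data. None means "random bytes".
PASSES = (b"\x00", b"\xff", None)
CHUNK = 64 * 1024


def _fill(f, size, pattern):
    """Write `size` bytes of `pattern` (or random bytes) from offset 0 and fsync.
    Returns the SHA-256 of what was written, so the final pass can be verified
    without keeping the random data in memory."""
    digest = hashlib.sha256()
    f.seek(0)
    remaining = size
    while remaining:
        n = min(CHUNK, remaining)
        block = secrets.token_bytes(n) if pattern is None else pattern * n
        f.write(block)
        digest.update(block)
        remaining -= n
    f.flush()
    os.fsync(f.fileno())        # push the pass past the OS page cache to the device
    return digest.digest()


def _digest_of(f, size):
    digest = hashlib.sha256()
    f.seek(0)
    remaining = size
    while remaining:
        block = f.read(min(CHUNK, remaining))
        if not block:
            raise IOError("short read during verification")
        digest.update(block)
        remaining -= len(block)
    return digest.digest()


def overwrite_file(path, passes=PASSES):
    """Overwrite a file's allocated bytes in place, then verify the final pass.

    Caveat: this reaches only the logical blocks the file occupies right now.
    On SSDs (wear levelling, over-provisioning) and copy-on-write file systems
    (btrfs, ZFS, APFS) older copies can survive, and slack space, journals and
    snapshots are not touched. For those cases sanitize the device instead
    (ATA Secure Erase, NVMe Sanitize, or crypto-erase)."""
    size = os.path.getsize(path)
    with open(path, "r+b") as f:
        written = b""
        for pattern in passes:
            written = _fill(f, size, pattern)
        if hasattr(os, "posix_fadvise"):    # Linux: drop cached pages so the
            os.posix_fadvise(f.fileno(), 0, 0, os.POSIX_FADV_DONTNEED)  # verify read hits storage
        return written == _digest_of(f, size)


def scrub_and_unlink(path):
    """Rename to a random name and truncate before unlinking, so the original
    name and size are not left in the freed directory entry. Best effort only:
    the old name may still sit in a journal or in directory slack."""
    anon = os.path.join(os.path.dirname(path) or ".", secrets.token_hex(8))
    os.rename(path, anon)
    with open(anon, "r+b") as f:
        f.truncate(0)
        f.flush()
        os.fsync(f.fileno())
    os.unlink(anon)


def secure_delete(path, passes=PASSES):
    """Three-pass overwrite with verification, then scrub the name and unlink."""
    verified = overwrite_file(path, passes)
    scrub_and_unlink(path)
    return verified


def demo():
    """Constructed demonstration: a file full of a secret marker, before and after."""
    marker = b"[constructed secret: payroll_2024]"
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "payroll.xlsx")        # hypothetical file name
        with open(path, "wb") as f:
            f.write(marker * 2000)
        with open(path, "rb") as f:
            before = marker in f.read()
        verified = overwrite_file(path)
        with open(path, "rb") as f:
            raw = f.read()                              # what a carver would now see
        scrub_and_unlink(path)
        return {
            "marker_before": before,
            "marker_after": marker in raw,
            "verified": verified,
            "size_unchanged": len(raw) == len(marker) * 2000,
            "file_gone": not os.path.exists(path),
        }


if __name__ == "__main__":
    print(demo())
```

The verification step is only as good as the read path: without dropping the page cache the read-back may be served from memory, which is why the example calls `posix_fadvise` where it exists and fsyncs every pass. For a whole disk being retired, the same three passes are applied to the block device rather than to individual files, and for SSDs the controller's own sanitize command replaces them.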

Each destruction technique has its advantages and disadvantages. Data processors should choose the technique that fits the data they hold, the technical cost and the destruction effect required, so as to minimise the risk at this stage. At the same time, enterprises should establish a dedicated management system for data destruction that defines the objects, rules, processes and responsibilities involved, so that the actions of the individual operators are standardised and destruction is carried out in an orderly way.

Few organisations, however, can field a reasonably complete data destruction capability on their own. Destroying media requires special equipment, tools and premises, and erasing data requires reliable technology and skilled staff, which raises the bar for data processors. Doing it in-house also has two weaknesses. First, it lacks oversight: the processor is "both player and referee", so it is hard to be sure the data was really destroyed. Second, "it is hard to guard against a thief in the house": an employee entrusted with destruction may be tempted to resell the data. Many companies therefore entrust destruction to an authoritative third party; when doing so, choose a provider with the relevant qualifications so that the destruction is safe and reliable.

China currently has no general, openly published national standard for data destruction. The US Department of Defense's DoD 5220.22-M standard is widely used in the field and can serve as a benchmark for judging whether a third party meets or exceeds its requirements. Note that DoD 5220.22-M itself has not specified an overwrite method since 2006; the current US reference is NIST SP 800-88 (Guidelines for Media Sanitization), which distinguishes clear, purge and destroy levels and also covers flash media, where overwriting alone is not sufficient.

In addition, publicly available domestic standards exist. BMB21-2007, "Security and Confidentiality Requirements for the Destruction of Carriers and Elimination of Information Involving State Secrets", sets clear requirements for destroying carriers and eliminating information that involves state secrets. It has since been updated to BMB21-2019, and some units in the data destruction industry meet this standard and hold the "Classified Information System Product Testing Certificate" issued by the National Secrecy Technology Evaluation Center. Data processors can therefore also assess a third party's technical capability against these more demanding national standards.

Postscript

Data destruction is a very important part of building data security. It prevents data leakage, abuse and improper use, and protects personal privacy and corporate confidentiality. Data that is not securely destroyed may be stolen by attackers or used by criminals for illegal activities, causing irreparable losses to businesses and individuals. Data security programmes must therefore treat destruction as an essential link in managing data across its whole lifecycle.

At the same time, destroying expired and redundant data reduces storage usage and improves the efficiency of data processing, and a standardised destruction process helps companies avoid unnecessary legal risk. Enterprises therefore need a sound data destruction system backed by complete and reliable destruction technology.