Krishnun Sansurooah

I know what you did last summer... an investigation into remnant data on USB storage devices sold in Australia in 2015

The demand for portable digital data storage has increased with the evolution and advancement in consumer electronic devices. USB storage devices, also referred to as USB sticks, pen drives, flash drives, thumb drives, and key drives, have replaced many other portable storage. With the evolution of these devices, an increased use for data transportation has been seen for both private and commercial data. USB storage capacity has increased during the past decades with capacities up to one terabyte available today. Such devices are increasingly popular given their robustness, low power consumption, rapid response rates, non-volatile nature, and ease of transportation. This study obtained second hand USB flash memory storage devices, purchased from eBay Australia over a period of seven months, to determine whether there were any traces of data on the devices, and whether or not an attempt had been made to securely wipe the devices. If data fragments were recovered, it was assessed to see if there was a sufficient volume and sensitivity of data to be of value to anyone with malicious intent. The findings from the research show that in the majority of the cases, the USB flash memory storage devices retained a large volume of data. Concurring with outcomes from previous studies in 2009 and 2011, the devices investigated in this study, owned by both individuals and organisations, were used to store highly sensitive and confidential data. This data was not permanently nor securely destroyed prior to disposal (by sale) of the devices. Such incidents highlight the failure to meet regulatory obligations with regard to privacy legislation in Australia.

Vulnerabilities associated with wi-fi protected setup in a medical environment

Developed in the mid-2000s by the Wi-Fi Alliance, the Wi-Fi Protected (WPS) protocol assists configuration of mobile and wireless networks. Its development grew from the needs of less technology knowledgeable end-users to be able to setup wireless networks, primarily for the home environment. However, the technology is also used by small to medium sized businesses including medical environments and this presents multiple security vulnerabilities. WPS can employ four different types of authentication, with the PIN method the most popular. Consequently, Near Field Communication (NFC), Push Button, and USB are less documented and arguable less understood by users. This research describes in detail the methods and their vulnerabilities, and uses controlled experiments to test the security vulnerabilities of WPS authentication and how they can be exploited. The research suggests that a multi-faceted approach to mitigation and elimination of the vulnerabilities of WPS is warranted. Such an approach includes: education for end-users in the vulnerabilities and what precautions they should use to mitigate these; improvement in lockout policy implementation by vendors; and for the Wi-Fi Alliance to consider review of the vendor certification regarding lockout policy during attack detection. The balance between ease of use and security is a common problem, however the breaches in security in a medical environment can have many detrimental impacts for the healthcare provider organisation as well as for the patient including potential impact on patient safety and the reputation of the medical institution.

An investigation into remnant data on USB storage devices sold in Australia creating alarming concerns

Abstract USB storage devices, also known as USB sticks, pen drives, flash drives, thumb drives, and key drives, have replaced many other portable storage media. USB devices are popular given their robustness, low power consumption, rapid response rates, non-volatile nature, capacity, and ease of transportation. However, the data on these devices are most often unsecured and not deleted when disposed of. Using a quantitative and case study method to assess the extent and potential impact of the problem, this study obtained second-hand USB devices, purchased from eBay Australia to determine the data and erasure status of the devices using forensic acquisition and analysis techniques. Where data fragments were recovered, the volume and potential sensitivity of were investigated. The findings from the research show that in most cases, the USB devices held a large volume of data, were owned by both individuals and organizations, and were used to store highly sensitive and confidential data. This data were neither permanently nor securely destroyed prior to disposal (by sale) of the devices. Such incidents highlight the failure to meet regulatory obligations regarding privacy legislation in Australia. The paper provides recommendations for secure disposal of data from USB devices.