Digital Forensics Dispatch

Digital Forensics Blog
by Sensei Enterprises, Inc.

Researchers Bought 100 Used USB Drives on Auction Sites and Performed Data Recovery: See What Was Found

December 3, 2020

Researchers at Abertay University in Scotland performed a cybersecurity study by purchasing 100 used USB drives from the internet and examined them for retrievable data. The study, led by student James Conacher, investigated whether sellers are aware of how to properly sanitize their old USB drives of personal data before sending them out. To begin, the used drives were purchased from the auction site eBay and a forensic analysis was performed of each drive received.

Out of the 100 analyzed drives, only two contained data that was “immediately visible”, meaning the drive contained active files that the seller made no attempt to delete. 32 of the drives contained no recoverable data, and the remaining 68 drives had data that was recoverable to a certain degree. Out of the 68 drives that had data available to be recovered, full file recovery was possible on 42 of the drives.

The recovered files were then categorized into three types: low, medium, and high sensitivity. Recovered files that were classified as low sensitivity contained data such as downloaded videos, operating system installation files, and various student work. Medium sensitivity files contained various images with location data included, personal photographs, and clinical trial studies. The most concerning high sensitivity files contained data such as password lists, CVs, bank statements, invoice records, and health reports.

When making used USB drives available for purchase online without securely deleting the contents beforehand, there is immense risk on the part of the seller. However, there is also the component of buyer risk. Those who have expertise in the field of electronic evidence often lean on the side of caution when inserting used USB drives into their devices, attempting to steer clear of the possibility of malware. Out of the 100 analyzed drives, there was no evidence to suggest any drives had installed malware on them. However, the findings do not make the scenario any less possible.

To conclude, when selling USB drives online, there are techniques to utilize to ensure data security. It is recommended to make use of widely available software that has the ability to completely wipe all the contents of the drive prior to sending the drive off to a new owner.

Email: Phone: 703.359.0700
Digital Forensics/Cybersecurity/Information Technology
https://senseient.com/services/digital-forensics

Sensei Enterprises

Subscribe in a Reader

Cookie	Duration	Description
cookielawinfo-checbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Digital Forensics Dispatch

Researchers Bought 100 Used USB Drives on Auction Sites and Performed Data Recovery: See What Was Found

Ride the Lightning

Your IT Consultant

Disclaimer