
SANS ISC: InfoSec Handlers Diary Blog - Internet Storm Center Diary 2004-10-01



GDI Attacks via Email; Natural Disasters and Data Recovery / Data Security

Published: 2004-10-01
Last Updated: 2004-10-02 03:17:24 UTC
by David Goldsmith (Version: 1)
GDI Attacks via Email

We have received a few reports of email messages containing JPEG images which appear to be intended to attack the GDI vulnerability.


Natural Disasters and Data Recovery / Data Security

This story was relayed by Scott Fendley, another ISC Handler:


A co-worker's son and family live in the area of Florida being devastated by all the recent hurricanes. Prior to one of the latest hurricanes, they decided to leave the area to go stay with relatives somewhere safer. They took some things with them (perhaps some important documents as well) but left their computer at home -- their computer with all their digital pictures and online banking and other financial information. Upon their return, they discovered the house had been flooded with up to four feet of water.


Their insurance company said to place all of the damaged property outside in front of the house to make it more convenient for when the claims adjuster came by. They put out all of their damaged furniture as well as their computer. That night, someone came by and stole the computer.


Well, the computer may have been destroyed, but the hard drive was probably still functional if removed and installed into another computer, so someone could have just gotten lots of personal and financial information about these folks such as bank accounts, credit cards, etc.


What about paper records (such as monthly banking and credit card statements) that may have been turned into a soggy mess as well? Was this all just thrown out where it could be scavenged as well?


Data Recovery: When making backups of your data, you need to take into account what you need to back up, how to back it up and where to store the backups. In this case, if they made backups of their online financial data onto Zip disks and stored the disks at home, those backups may not be available or in usable condition. Periodically backing up your data to a removable USB/Firewire hard drive and storing the drive at another physical location would greatly increase the likelihood of having a usable backup afterwards in such a disaster.


Data Security: How do you dispose of such data? If you have a bad hard drive, do you just throw it out or do you physically destroy it with a hammer? Do you just throw out records with personal information such as account numbers or do you shred such paper? If you shred it, do you use a strip shredder or a cross-cut shredder, which results in many more, much smaller remnants?

Scott's acquaintance's relatives are now having to contact all of their financial organizations to get new account numbers, new PINs, place a notice on the credit reports -- all to hopefully minimize, if not eliminate, the risk of them becoming the victims of identity theft due to the potential loss of sensitive data.




------------------------

David Goldsmith

dgoldsmith at isc.sans.org