xorl %eax, %eax

Dumpster diving is still alive

leave a comment »

I would like to use a recent example to demonstrate that this threat is still valid, and companies should be considering it in their security policies. Especially, in the lockdown/remote working situation that many companies implement at the moment, this is an even bigger threat.

Dumpster diving is nothing more than going through someone’s (company or individual) trash/dumpster to discover proprietary information. Some of the most high-profile cyber-espionage cases that I am aware of had used this technique very effectively. But there is also the cyber-criminal aspect of it. For example, recently someone at Nizhny Novgorod found 10 folders with confidential information from the Vozrozhdenie Bank.

This happened literally days ago in a large organization (around 45k employees) and it shows that this threat is still relevant even for mature companies. Even more so now that many people work from home which implies that they might not have access to the facilities they had in their normal office environments. Here are some recommendations if you don’t already do that:

  • Have a clear policy for document handling/lifecycle
  • Have data classification that aligns with the policy and treats different classifications with proportional measures
  • Provide document destruction/disposal procedures
  • Provide the required equipment/facilities
  • Train, train, and train some more your employees on this threat
  • Use watermarks to identify the source of the leaks
  • Continuously monitor for leaks not only for digital goods, but also for physical ones (like documents, corporate devices, etc.)

Written by xorl

June 15, 2020 at 12:17

Posted in security

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: