Description: C:\Users\Gimode\Desktop\LOGO\CAK LOGO-01.jpg

National KE-CIRT/CC Cybersecurity Best Practice Guide Of The Week

 

 

In This Issue:

*        Dumpster Diving

 

 

 

 

 

 

 

 

 

 

 

DUMPSTER DUMPING

 

/Users/timothy/_ke-cirt/Security Tips/_Web/DUMPSTER_DIVING.fld/image003.jpg

 

What is Dumpster diving?

As the saying goes, one man’s trash is another man’s treasures is proved by dumpster diving.

*         Dumpster diving is the retrieval of useful data by information diving from E-waste or the garbage.

*         Electronic waste (E-waste) – is discarded electronic devices such as; computers, mobile phones, office electronic equipment for reuse, resale, recycling, salvage or disposal.

*         Information diving – is the retrieval of data from discarded material. This can include office or company trash bin, public landfill, garbage or from ewaste.

*        Dumpster divers retrieve information by searching through trash or garbage to obtain useful information.

*        The information gained can be used to carry out several cybercrimes like Identity theft and Impersonation.

 

How can information gained be used?

·      Create new bank account and funnel money from existing accounts.

·      Create new ID cards.

·      Take over your E-citizen account and manipulated data as pleased.

·      Request for loans.

·      Create new credit card in your name and pay for goods and services with it.

·      Blackmail you with the data at hand.

·      Handover the data to competitors.

·      Encourage theft in case you had disposed cartons wrapping your new flat TV screen or Laptop.

 

*           Secure techniques of disposal should be employed while disposing confidential and personal documents like; ledgers, transaction records, medical or legal documents, expired credit cards, IDs and passports, your signature among others.

 

Techniques for secure data destruction before disposal.

i.       Shred of all confidential documents and documents that contain very personal or private information.

ii.     Wipe hard drives before disposal of electronic devices like computers, smartphones, printers among others before disposal, resale, 

iii.   Adhere to the company policies for data disposal and destruction.

iv.   Outsourcing to a legitimate and liable data destruction companies.

 

NOTE:

Secure data destruction:

1.   Documents

·      /Users/timothy/_ke-cirt/Security Tips/_Web/DUMPSTER_DIVING.fld/image004.pngStrip-cut and cross-cut shredding are two shredding techniques that with time and resources, one can rejoin the shredded documents.

·      Micro-cut has proven to be the best shredding technique that is irreversible.

·      It’s advisable to use a micro-cut shredder for highly confidential data.

 

2.      Electronic storage devices

·      Methods of data destruction stored in hard disks and multimedia devices like DVDs are Demagnetization, Disintegration, Shredding, Puncturing, Erasing, Melting. There are machines designed to perform these duties.

·      Basic deletion, Formatting, bending, hammering and overwriting, are not perfect data destruction methods since data can be recovered by employing high-tech data recovery tools.

 

Have the above security tips in mind when operating your computer systems. Report any cybercrime incident/activity

to  incidents@ke-cirt.go.ke. / www.ke-cirt.go.ke

/Users/timothy/_ke-cirt/Security Tips/_Web/DUMPSTER_DIVING.fld/image005.png/Users/timothy/_ke-cirt/Security Tips/_Web/DUMPSTER_DIVING.fld/image006.png/Users/timothy/_ke-cirt/Security Tips/_Web/DUMPSTER_DIVING.fld/image007.png