Best Practices for Recovery from the Malicious Erasure of Files
There are many ways in which cyber criminals can damage computer systems and data, including changing or deleting files, wiping hard drives, and erasing backups to hide their malicious activity.
Hard drives are wiped, or “zeroed out,” when the original data is overwritten with zeros or different characters. This allows malicious actors to alter or even erase existing data. In addition to impeding the restoration of the original data, this type of criminal activity makes it difficult to determine whether criminals merely accessed the network, stole information or altered network access and configuration files. Restoring networks and assessing the damage to a business can be hindered when the full extent of malicious activity is unclear.
DHS and the FBI encourage businesses and individuals to employ mitigation strategies and best practices to effectively recover maliciously erased files, such as:
- Implementing a data backup and recovery plan. A copy of the sensitive data should be kept in a separate and secure location. Make sure this backup copy is not readily accessible from local networks.
- Regularly mirroring and maintaining an image of critical system files.
- Encrypting and securing sensitive information.
- Using strong passwords, implementing a frequent schedule for changing passwords, and making sure passwords are not reused for multiple accounts.
- Enabling network monitoring and logging (when feasible).
- Being on guard against social engineering tactics aimed at obtaining sensitive information, such as phishing.
- Ensuring that sensitive files are securely eliminated from hard drives when no longer needed or required.
There are many resources available on the US-CERT website to protect users from this type of malicious activity, including these suggested readings from the National Cyber Alert System:
- Cyber Security Tip ST04-002: Choosing and protecting Passwords
- Cyber Security Tip ST04-014: Avoiding Social Engineering and Phishing Attacks
- Cyber Security Tip ST05-011: Effectively Erasing Files
Related Articles:
- Stemming the Tide of ID Theft at Institutions of Higher Education
- Data Breach Prevention: 13 Best Practices You Should Implement
- Your Ultimate Guide to Student and School Internet Safety: Part 2
- District’s Internet Safety Program Yields Results
If you appreciated this article and want to receive more valuable industry content like this, click here to sign up for our FREE digital newsletters!
Related Content
Leading in Turbulent Times: Effective Campus Public Safety Leadership for the 21st Century
This new webcast will discuss how campus public safety leaders can effectively incorporate Clery Act, Title IX, customer service, “helicopter” parents, emergency notification, town-gown relationships, brand management, Greek Life, student recruitment, faculty, and more into their roles and develop the necessary skills to successfully lead their departments. Register today to attend this free webcast!
