Computer Crime Research Center


Technical and Legal Protection of Information

Date: July 27, 2004
Source: Computer Crime Research Center
By: Natalya Aktyrskaya

The level of security of information processed in systems and at the objects of information infrastructure is determined by a block of its features including three following:

- confidentiality - property of information to be protected from unauthorized access;
- integrity - property of information to be protected from unauthorized alteration, deletion or deterioration;
- availability - property of information to be protected from unauthorized suppression.

In 2003, 94% of British companies reported security incidents related to computer security. 91% of these cases were intentional. As Financial Times reported, such information was given in information security report brought by British Chamber of Commerce and Industry. For the last four years a three-fold growth of total number of incidents was noted in this field. Rapid development of the Internet that has brought Britain to the second place by density of the Internet users, has also brought significant risks alongside. The average size of damage caused by serious computer security incidents amounted to GBP 10,000. This sum reached GBP 120,000 for huge corporations. One firm reportedly incurred a GBP 250,000 loss due to confidential information theft.

Thefts and counterfeits of credit cards turned into a real disaster. Companies, especially banks, try to conceal incidents of computer theft as they fear that consumers, partners, depositors, shareholders would lose faith in their brand names if they were exposed as compromised. That's why scales of losses reported in the official statistics are negligibly registered. Experts believe that sizes of computer thefts are four-fold bigger as compared to losses caused by armed robberies in the USA. During the last 10 years annual losses have increased for more than 20 times and now make up to tens of billions of dollars.

Counterespionage and industrial espionage also develop at a quick pace. Special services were formed to cooperate in this field with governmental intelligence; American Society for Industrial Security was even created.

Computer science that maintains this activity exists and evolves. New legal, illegal methods and means of obtaining information on competitors' secrets are being developed. Computer struggle became a usual thing in the world of market relationship, including foreign trade. Since information networks of advanced nations are united, possibilities of introduction of logic bombs grow. They are programmed in software during development as the means of fighting against illegal copying. Computer fight completed electronic espionage, made it active.

One of the points of information leakage is tightly bound with deletion of electronically stored information.

At the moment there are several ways to remove electronically stored information completely. Information destruction is erasure of information from the hard drive so that any software or other means cannot recover it. Methods of information destruction divide into three main groups:
  1. Software methods based on deletion of information recorded on magnetic carrier with the help of standard means of recording of information on magnetic carriers. If information was deleted by standard means, magnetic carriers can be repeatedly used. Deletion is simply and naturally carried out through overwriting of information. Overwriting is a process or recording of unclassified information to the storage area where classified data were previously stored. It is noteworthy that at overwriting of information operability of the device remains the same. It is impossible to carry out foolproof deletion of information if the device is worn-out or broken.

  2. Mechanical method is related to mechanical damage of the basis where magnetic layer was plotted - physical carrier of information.

  3. Physical method is related to physical principles of recording on magnetic carrier, based on rebuilding of structure of carrier working surface magnetic material.

The last two methods of deletion usually lead to destruction of the carrier with no possibility to use it in future.

One of the simplest ways to delete information from the hard drive is the method when one edits the boot record of a hard disk and puts in zeros instead.

Though in such cases the information is not deleted, this method just complicates the access to it and it can be easily recovered using special software that analyses sectors of the hard disk.

The more efficient way of complete deletion is operational consecutive writing zeros and ones in data sectors. At that not only the boot record but all data are deleted.

The best way to provide maximum level of information deletion is a method based on data overwriting on the carrier with the help of several cycles of overwriting, and in some cases not only zeros and ones are wrote, but some additional masks.

The more cycles of information overwriting, the more complicated to recover are the data; but the number of cycles is unknown. The more times the head rewrites data, the greater is the probability that it erases areas of residual magnetization on the edges of the tracks.

Chains overwrote to data sectors are standardized. There are some algorithms to delete information. For example GOST R50739-95 RF (Russian Federation) uses two cycles of recording, at first zeros are wrote and secondly the codes are applied.

Though overwriting is a reliable method of information removal, it doesn?t bring in the effect of complete deletion, as information recovery is still possible. To ensure this, very sophisticated and high-cost equipment is needed. The method of overwriting pays off when the information is cheaper than the equipment needed to recover it.

We can outline the following advantages of the given method:

  1. Low prices for software to delete information.

  2. Possibility of subsequent use of the carrier.

  3. Time cost is about 10-60 minutes.

In conclusion, it's worth to note that deletion of information in not an easy task. It demands significant funds. Confidentiality of information is regarded priceless in these cases. Therefore it is necessary to pick up a method where recovery of information would be more expensive than the very information.

Add comment  Email to a Friend

Copyright © 2001-2013 Computer Crime Research Center
CCRC logo