Although he made an effort, destruction of the killer's hard drive may not have truly been complete. For most users, the simple act of cracking the hard drive case is enough to render the drive useless, but forensic recovery can recover data from very adverse situations.
Simply defacing or even shattering a hard drive will not necessarily render the data inaccessible. We have assembled several references that outline how resistant these devices are to damage. It is now well confirmed that sledge hammers, torches, and even magnets applied to unopened cases are insufficient to completely destroy hard drive data.
Recovery can be VERY expensive, but it is also VERY likely if the right technology and technique is applied. Whatever data may remain may prove very valuable to investigators as they attempt to more fully understand this horrendous crime. We wish them every success as this awful situation unfolds further.
To really erase data, you have to remove that chemical coating from the platters, which requires the assailant to take the drive case apart. Even then, most hard drives contain multiple platters, and data is written across them. That means that data destroyed on one platter may be reconstructed by looking at the adjacent data stored on other platters. Asked about drives that have had nails driven through them, Demirjian said that his company – which has worked with the U.S. military and law enforcement on data recovery – can usually get data off of them.
"Within a hard drive, there are several square feet of [read/write] surface, and any given file takes up less than a square millimeter," Kaminsky says. "That means even if the drive is dented or shattered into tiny pieces, the actual surface that contains the data is still there and readable."
Kaminsky compares a shattered hard drive to a piece of paper that is torn apart. If all of the pieces are still there, you can "tape it back together" and make out what was originally written on it. To read a shattered drive, its disk will need to be reassembled, which is a daunting but doable task.
In an interview with the BBC, professor Andrew Blyth of Glamorgan said that "between 35-40 % of the disks held commercially sensitive information." The hard drive data included NHS patient information, intellectual property, and in the case of one machine bought in the U.S., launch codes for a missile system.
Many organisations use outside service providers to handle the process of disposal and hard drive data destruction, but they are not always absolutely reliable, as the BT study discovered. For instance, two of the disks were found to hold data from hospitals in Lanarkshire. According to the Lanarkshire Health Board, the disks should have been properly wiped by an outside service provider for disposal. After reviewing procedures, the hospital now handles the process in-house.
“For the average person, software approaches are completely fine,” Knotts says, but a leak of even a few words of NSA information could be dangerous.
The Guard Dog destroys all the data on a drive, even in parts that computers cannot access, and it can erase any magnetic media – VHS tapes, DAT tapes, ZIP disks and the like – in the same way that it erases hard drives. While CDs are beyond its reach, Knotts says that those can be easily destroyed using a sander-like tool that grinds off the bottom plastic layer and cuts into the underlying aluminum plate.
Don't Erase Or Degauss, These Processes Cannot Be Guaranteed
Degaussing is a process whereby the magnetic media is erased using a reverse magnetic field to scramble the electronic data and make it unreadable. However there is simply no way to guarantee that a particular degaussing machine is powerful enough to destroy all of the data on a hard drive. It is not possible to create a sector-by-sector sector verification of the process. As degaussing destroys other components of the hard drive, it is not possible to view the drive for even a cursory inspection.
Data Wiping is when data is destroyed using data erasure software, and the media is reformatted so it can be used again. However, because software and forensic specialists can recover wiped fragments, there is no way to ensure complete destruction of the information.
Physical Destruction is the best method if you want total peace of mind. The media is sent through a shredding device with very sharp blades. Our secure destruction service will make your data an unreadable pile of debris and eliminates any chance of the information ever being recovered.