Introduction 

Security in the technological world cannot be limited to internal controls, inputs, outputs, personnel, and top management strategies. It is crucial to ensure the appropriate destruction of the information which is of no relevance to the company. You should always note that the information which is of no relevance to the business can be used illegally by unauthorized bodies. It can create trouble for the organization and increase its legal complications. 

In this article let us look at:

  1. Dumpster Diving’s Definition
  2. Dumpster Diving Meaning
  3. What does a Hacker look for in Dumpsters?
  4. Dumpster Diving Security Attack
  5. Dumpster Diving Examples
  6. Preventive Measures: How to prevent Dumpster Diving?

1. Dumpster Diving’s Definition

Dumpster Diving refers to various methodologies to grab information about the end-user. It helps him to get unauthorized access to sensitive networks due to data gathered from the trash. The term often in Information Technology and cybersecurity refers to the method through which hackers will get access to the legitimate source.  

2. Dumpster Diving Meaning 

Dumpster Diving refers to searching in a physical waste bin for physical documents that may contain account numbers, passwords, and other legal identity numbers. It also refers to dragging in the electronic waste bins and recyclable bins in the end user’s devices for sensitive and undisclosed data useful in carrying out illegal activities. 

Usually, the physical documents such as Invoices, credit note, and debit note discarded possess information vital for competitors. They can get access to the suppliers and buyers list. This will enable them to influence the stakeholders. It also uses various social engineering techniques to get access to the information system of the company. The company must define a disposal policy to avoid public embarrassment and legal repercussions. 

3. What does a hacker look for in dumpsters? 

  • Email address or Domicile address
  • Cell Phone numbers
  • Private Passwords, PINs and any other sensitive codes that are written as a reminder 
  • Financial Statements such as Audit reports, Balance Sheets, ledger accounts, etc.
  • Bank Account Statements, 
  • Medical reports
  • Digital Signatures
  • Former employee’s biometric cards
  • Duplicate trash copies of Identity proofs such as Pan Cards, Driving License, and other identity cards (Aadhar Card In India)
  • Employees’ Phone Number list, Policy manuals, and various strategical printouts. 

4. Dumpster Diving Security Attack

It is used for identity theft, as many times we unknowingly discard debit cards, credit cards, and various identification documents. Any rubbish item which bears the name, address, phone numbers, passwords can be beneficial for a person with malicious intentions. Several other methods can affect cooperate assets and give the competitors’ an edge. Identity theft can cause various criminal instances such as procuring loans, identity frauds, and various others. 

The courts, in many cases, have held that the trash placed over the streets is usually not expected to be private. Therefore, it is the management’s responsibility to dispose of it appropriately to avoid any future hardships. 

When the top management frames various strategical policies related to new products or services, they should be indeed cautious while discarding the valuable documents. Because any valuable leaks can steal their efforts and give their competitor an edge over them, causing them financial loss and market share loss. 

5. Dumpster Diving Examples

In the 1960s, Jerry Schneider had earned a huge chunk of wealth from the telephone equipment till many years of his arrest. He had recovered instruction manuals from The Pacific Telephone And Telegraph Company. 

In 2000, in the most famous case of Larry Ellison, the CEO of Oracle hired private detectives to find any useful information from the dumpsters of Microsoft. It was an effort made to acquire information about the upcoming developments to support its lawsuit. 

In 2001, Industrial Espionage was identified as connected with the shampoo market between the competitors’ Proctor & Gamble and Unilever. The investigators of Proctor and Gamble went through recycle bins outside the Unilever Corporations. They succeeded in gathering vital information about market analysis, its predictions and its upcoming products. However, the two corporations made the out-of-the-court settlement. 

6. Preventive Measures: How to prevent Dumpster Diving? 

To prevent financial, technical, and personnel loss, Business organization have developed many practical ways to discontinue the practice of dumpster diving. Techniques such as shredding the paper documents, locking recycle bins, firewalls, and other precautions should be implemented to discourage hackers from getting access to the waste data. These techniques will ensure that the data is completely cleared from the storage devices.  

  • Lighten your dumpsters: 

Well-lited dumpsters will make the scavengers to rethink their malicious intentions. The lights should be installed over the waste bins so that early detection can be made of any dumpster. The lights should be installed on the top of the floor where the ordinary people cannot reach. 

  • Installation of Motion-Sensing Digital Cameras: 

Any intruder can be easily detected by motion-sensing cameras that will assist in the monitoring of the trash bins. They are available at affordable costs. They should be regularly maintained since if they get out of service, such an investment will become worthless. 

  • Destruction of duplicate copies: 

The waste duplicate copies of personal vital documents should be destroyed appropriately. It is convenient to misuse such copies for criminal activities that can later create many problems. It should be ensured that there is no such information that can be later misused by the dumpsters. 

  • Outsource Monitoring Service: 

There are various service organization that carry out monitoring security services. Their services are aided with the remote monitoring camera. Whenever they observe any irregularity near the dumpsters, they can immediately report the security authorities about such activity. 

  • Fencing of Dumpsters: 

There should be adequate fencing around the dumpsters to avoid any intrusion for dumpster diving security. It doesn’t give any guarantee of the safety of the dumpster.  However, it will create difficulty for the intruder to find information from the trash bin. 

  • Destruction of waste hardware: 

One should destroy the CDs or DVDs containing personal data like photos, videos, or any other sensitive information. When the computers, laptops, mobile phone or any other hardware lose their importance, they need to be cleaned while all the files should be deleted to eliminate future complications. 

Conclusion

 Strict procedures and their implementation will avoid the leakage of sensitive information. Companies should try to use cross-cut shredders or bins to clean the hard drives and floppy disks magnetically. Eventually, it is necessary to create awareness by educating the staff to eradicate dumpster diving. Audit trails of trash should be adopted, and private investigators can be hired to experience their expertise in obtaining the information from the trash.

So, have you made up your mind to make a career in Cyber Security? Visit our Cyber Security Courses for further help. It is the first program in offensive technologies in India and allows learners to practice in a real-time simulated ecosystem, that will give you an edge in this competitive world.

ALSO READ

SHARE
share

Are you ready to build your own career?