Destruction Via Encryption
Depending on company size and an individual’s role in IT, their knowledge of
encryption can be categorized as “heard of it”, “use it if someone else sets
it up in the first place,” or “comfortable deploying it and using it daily.”
Encryption is a tool, and an important one at that, in the IT toolbox. One
of the less obvious uses of encryption is the quick destruction of data.
This can be good or bad, as illustrated in the following examples.
Self-Encrypting Drives serve a valuable function in enterprise environments
by automatically encrypting the entire contents of the hard drive throughout
the life of the drive. Using SED drives means never having to perform
multiple erase passes to secure drive contents when recycling a drive, or
worrying about the drive resurfacing on a secondary market and still
containing company data. As soon as the encryption key is changed on the
drive, the entire contents of the drive have equivalently been erased, with
no possibility of data being recovered and coming back to haunt the parent
company. In addition, shipping data from headquarters to branch locations or
to DR sites is secure since if the drive is lost, the data on the drive will
not be recovered by a third party.
On the other hand, encryption can serve as an instrument of evil as well.
The CryptoLocker malware spreading on the internet, a particularly vicious
bit of ransom-ware, is one such example. After an unsuspecting victim
initiates the infection by typically clicking a faked email from someone
they know, the software goes to work on the victim’s computer, as well as
any network shares it can access, and encrypts common office documents. The
encryption is reversible, but only if the victim can obtain the secret key.
When the software is done encrypting the contents of the victim’s hard
drive, a process that typically takes a few hours, it then pops up a ransom
screen giving the victim a short period of time to come up with money in
exchange for the secret key. The only effective defense against such malware
is incremental backups, as decrypting the contents of the documents is
practically impossible.
Encryption is entering main-stream conversations as news stories highlight
the public nature of communication on the Internet, and the various tools
companies and individuals use to secure those communications. It behooves
the versatile IT professional to stay abreast of the myriad applications
of these tools.