When Tapes Go Missing

Presented at DEF CON 15 (2007), Aug. 3, 2007, 4 p.m. (50 minutes)

We hear it in the news all too frequently, "26 IRS tapes containing taxpayer information potentially contain taxpayers' names, SSNs, bank account numbers, or employer information", "tapes containing customer information were stolen from a lock box... 196,000 names, SSN, etc", "disappearance of 9 tapes containing payroll information on 52,000 employees, including SSNs and in some cases bank account numbers. The 9th tape contained "less sensitive" information about 83,000 hospital patients." With quotes such as "It is important for customers to note that these tapes cannot be read without specific computer equipment and software", in attempted damage control, it is critical that we understand when such statements are true and under what circumstances they are not. With this in mind, we will take a look at the little investigated field of tape forensics. We will look at how easy it is to recover data from tape, the limitations of tape data recovery and tape data recovery methods, and of course, steps to protect your company data.

Presenters:

• Robert Stoudt
  Robert Stoudt currently spends his days ''ethically'' hacking corporate customers for a fortune 10 company. Prior jobs included Senior UNIX, M$, Network Administrators through the eleven years prior to his move to the gray side. He enjoys working on a variety of technical projects including forensics analysis, incident response, vulnerability analysis and R&D. This includes learning how things work and how to subvert them for his benefit and pleasure. He holds over 35 computer certifications including: CISSP, GCIH, SUN SCSA, Redhat RHCE, IBM AIX

Links:

• https://defcon.org/html/defcon-15/dc-15-speakers.html#Stoudt
• https://infocon.org/cons/DEF CON/DEF CON 15/DEF CON 15 video/DEF CON 15 - Robert - Stoudt - When Tapes Go Missing - Video.mp4
• https://www.youtube.com/watch?v=dUXNgLXOsiQ