Used memory sticks being sold on the internet have been found to contain sensitive Australian government data, according to a new study.
The research paper, to be presented at a cyber security conference in Perth, reveals how researchers discovered the government information amongst a "treasure trove" of confidential material on the discarded memory sticks.
And the results have prompted authors Patryk Szewczyk and Krishnun Sansurooah, of the Security Research Institute at Perth's Edith Cowan University, to urge sellers to beware they are not handing over their secrets by taking money for old memory sticks.
"The results show that sellers are sending memory cards with no evidence of erasure, poor attempts to erase data - or simply asking the buyer to erase the data prior to use," the study concluded.
"The data recovered is not only of a personal nature, but also appears to originate from Australian government departments and business."
A total of 140 second-hand memory cards were purchased during the year, with each having its data recovered and subsequently analysed - with some sellers not even bothering to delete their old data themselves.
Previous similar studies by the same authors have also revealed government data on memory sticks sold, with authors concerned sellers were not learning the lessons of increasingly common cases of identity theft.
Last year's analysis of dozens of cards purchased online also revealed nearly 20 per cent of all the memory devices contained suggestive or sexualised images.
And the authors are now suggesting sellers such as eBay need to issue warnings when data storage devices are being offered online.
"It is evident that actions must be taken by second hand auction sites, and the media to raise awareness and educate end-users on how to dispose of data in an appropriate manner," the study says.
The Security Research Institute conference, to be held over three days, will discuss all aspects of cyber security, and expert concerns about it.
These include an investigation into the possibility of hacking into the controls of a remote control aerial drone, with the results finding devices are open to attack, which means they could be controlled by a third party.
The influence and potential deception on Twitter - through fake tweets and automated 'netbots' - and how it affected the 2013 federal election was also studied.
An analysis of the open source Twitter activity for the two major party leaders was examined, with the results showing fake online personas and fake bots deploying automated Twitter dissemination.
The authors concluded the existence of a tolerance of new media "slacktivism", where Twitter users mistake auto-narrative for genuine political sentiment.
Share
