Page 208 - Cyber Defense eMagazine September 2025
P. 208
internet; it’s someone you already let in the front door. These threats are surprisingly common – in fact,
a 2024 survey found that 83% of organizations experienced at least one insider attack in the past year.
Why so many? Because insiders have a distinct advantage, they know the systems, the people, and the
weak spots, making their malicious moves hard to spot.
In most cases, someone on the inside either hands over or left behind sensitive info. In addition, because
traditional security often focuses on external foes, insiders can slip right past standard defenses. It’s a
wake-up call: to protect data, companies must guard against threats coming from within, not just outside.
The Illusion of Deletion
For many, the “Delete” key feels like a data-stomping out command. However, in reality, file deletion on
computers is mostly cosmetic. When you delete a file (and even empty the Recycle Bin), the operating
system merely marks that disk space as “free”. It removes the file’s entry in the directory. The actual bits
of your file remain on the disk until something new overwrites them. Security experts put it bluntly, “simply
dragging [files] to the trash bin isn’t enough” because the data stays put until overwritten. As one Windows
insider forum contributor explained, deleting a file “makes it invisible and inaccessible through normal
means,” but “the actual data remains on the disk until it’s overwritten by new data.”
In practice, this means deleted files can be recovered. Specialized recovery tools or even forensic
services can reconstruct your “gone” file from the non-overwritten sectors. Even something as simple as
a leftover spreadsheet or photo can be brought back with a quick scan. The idea that deletion equals
destruction is a dangerous myth.
Secure File Erasure as a Defense Strategy
Secure file erasure—also known as data shredding or sanitization—serves as a reliable solution to the
false sense of security that comes with simply deleting files. Rather than merely relocating data to
unallocated space, secure file erasers overwrite the original information, often multiple times, using
specific patterns to ensure it cannot be recovered. Good erasure tools follow rigorous standards. For
instance, some methods overwrite data 3 to 7 times with layers of random bits (finishing with a pass of
zeros) to thwart any remaining trace.
Secure erasure complements other security measures. It sits at the very end of the data lifecycle: after
you’ve transferred or backed up what you need, you run the eraser so nothing legible remains.
Sometimes this involves built-in commands (like Windows’ cipher /w or diskpart clean) or bootable wipes
like DBAN. For SSDs, you might use hardware-level secure erase or encrypt-then-throw-away-keys,
since wear leveling complicates ordinary overwrites. After erasure, if an insider (current or former) tries
to grab data from a retired disk or hidden folder, there’s nothing readable there. In effect, secure wiping
turns potential leaks into dead ends. Data thieves simply won’t find files to recover.
Secure erasure also helps with compliance. Regulations like GDPR, HIPAA, or CCPA require
organizations to securely delete personal data and sometimes to prove that deletion.
Cyber Defense eMagazine – September 2025 Edition 208
Copyright © 2025, Cyber Defense Magazine. All rights reserved worldwide.
