The majority of today’s businesses rely in some way upon computer systems to handle the tasks of everyday commerce. These businesses are increasingly using computers to work with their internal and external documents, depending more and more on digital storage every day. Most attention has been focused on well-known problems such as viruses, exploits, etc. Attacks by intruders and insiders have led to billions of dollars in lost revenue and expended effort to fix these problems (Freeman, Long, Miller & Reed, 2001, ¶1). For the most part, these attacks have been focused on software based vulnerabilities, while perhaps the most devastating vulnerabilities lie in hardware devices which exist in the majority of all computer systems in use today. In fact, physical attacks on storage hardware are common and may be the most likely and dangerous type of attack (Hasan, Lee, Myagmar & Yurcik, 2005, ¶28). Although using this new, digital alternative to paper may seem to be easier and faster, inside these seemingly harmless computers lie devices which are recording and generating audit trails of all data ever accessed on them, potentially acting as an informant to whoever possesses the devices. In fact, overlooking these devices may give an attacker a chance to steal sensitive data. Also, this could be carried out by any personnel with physical access to the machines (Goldschlag & Landwehr, 1997, ¶19).
This document is in PDF format. To view it click here.