There are dozens of ways that any computer's data can be taken without modifying a single forensic's bit on the original hard drive. News sources today are announcing that the VA's stolen laptop (with millions of identity records) has been recovered. Most sources are claiming that the VA and its forensic experts are claiming the data was not touched or extracted. I hope this is an oversimplification, because the There are dozens of ways that any computer’s data can be taken without modifying a single forensic’s bit on the original hard drive.News sources today are announcing that the VA’s stolen laptop (with millions of identity records) has been recovered. Most sources are claiming that the VA and its forensic experts are claiming the data was not touched or extracted. I hope this is an oversimplification, because there are dozens of ways the data could have been read/copied and the data left untouched. How?Here’s two easy ways: 1. Boot on any device except the hard drive (e.g. floppy disk, CD-ROM, DVD, USB device, etc.). Use an NTFS-compatible version of Linux (e.g. Knoppix, Backtrack, Nubuntu, etc.) and steal away.2. Ghost the hard drive and manipulate the copy I can come up with a dozen ways in a few minutes.Every computer security forensic person is required by their job to be able to access other people’s hard drives and data without modifying a single original bit. So, while common thieves wouldn’t know how, there’s probably tens of thousands of computer professionals that do.So, I’m hoping the VA and the news sources are oversimplifying the case. A better opinion would have been, “We have found no evidence to indicate the data was not read or copied.” not “After examining the evidence we are SURE the data was not copied or read.”These are two big different statements. Related content analysis The 5 types of cyber attack you're most likely to face Don't be distracted by the exploit of the week. Invest your time and money defending against the threats you're apt to confront By Roger Grimes Aug 21, 2017 7 mins Phishing Malware Social Engineering analysis 'Jump boxes' and SAWs improve security, if you set them up right Organizations consistently and reliably using one or both of these approaches have far less risk than those that do not. By Roger Grimes Jul 26, 2017 13 mins Authentication Access Control Data and Information Security analysis Attention, 'red team' hackers: Stay on target You hire elite hackers to break your defenses and expose vulnerabilities -- not to be distracted by the pursuit of obscure flaws By Roger Grimes Dec 08, 2015 4 mins Hacking Data and Information Security Network Security analysis 4 do's and don'ts for safer holiday computing It's the season for scams, hacks, and malware attacks. But contrary to what you've heard, you can avoid being a victim pretty easily By Roger Grimes Dec 01, 2015 4 mins Phishing Malware Patch Management Software Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe