Dumpster Diving – CompTIA Security+ SY0-501 – 1.2

| October 30, 2017


Some of your most important documents may be thrown out with the trash. In this video, you’ll learn about dumpster diving and how you can keep your important documents away from the bad guys.

<< Previous Video: Tailgating and Impersonation Next: Shoulder Surfing >>


This is a dumpster. [? In ?] the United States, it’s a brand name of a garbage bin. In other parts of the world, you may hear this referred to as a rubbish skip. This is what’s around the back of the building and the organization is usually taking all of their documents and other information and throwing them out in the trash– this is where it ends up.

Someone who’s doing dumpster diving then, is going into this trash bin to look for information that normally would not be available. The companies throwing these things out perhaps, isn’t thinking that someone may gain access to them. There might be people’s phone numbers, customer records, or other things that they can use to either attack the company or gain more access inside.

It’s often important to time when this is going to be. Sometimes organizations throw out a lot of things at the beginning of the month or the end of the month or after a quarter is over. You also have to think about the pickup schedule because they usually come around at a standard time during the week to remove everything that’s in the dumpster.

So most of the time, people [? who are ?] trying to gain information, they’ll learn what those patterns are and they’ll try to make the most of getting into the dumpster and gathering this information.

I am certainly not a legal professional, and I recommend that if you have any questions about this, that you do contact a legal professional in your area. In the United States, for the most part, dumpster diving is legal. There may be local restrictions on it so make sure you check with your local laws before you ever go into someone’s private property to gain access to their garbage.

If it’s in the trash then and there’s no laws restricting you, then everything that’s in there is wide open to take. Nobody technically owns that and so you could go in and start gathering those details.

You do have to be careful because you don’t want to go on a private property, especially when there are signs that are specifically telling you that you are not allowed to be in this property. In those cases, you can’t break the law just to gain access to the dumpster.

And again, before you do anything associated with dumpster diving, I highly recommend you contact a legal professional and make sure that you’re not breaking any laws in your area.

If you’re a company that does dispose of information this way, make sure you’re very careful about what you’re throwing out and where it happens to be. Make sure that all of your garbage is secured behind a fence and locks. You might even want to consider shredding every bit of information. Whether it’s something that might be considered good or bad, if you shred everything, then you know you’ve covered all the bases.

If you’re a government, you’ll find a lot of the materials will simply be burned so that there’s no possible way to reconstruct them, even from tiny little shreds of paper.

One thing that you might want to do is go to your own trash. See what people are throwing out and see if there’s something in there that’s sensitive that you might want to use for training. Let people know they need to be very careful about what they’re putting in the dumpster.

Category: CompTIA Security+ SY0-501

Comments are closed.

X
My Security+ Study Group is Wednesday! Click here to register
My free Live Network+ Study Group is Wednesday. Click here to register!