Forensics Recover Cloud Data from Smartphones
Remnants of files uploaded to cloud services were retrieved by researchers at the University of Glasgow, pointing to poor encryption and major security gap.
By using forensic software on smartphones that uploaded files to cloud services, researchers were able to piece together bits of data that revealed the cloud location of the uploaded files and other sensitive information.
“That smartphones can essentially remember deleted information poses a huge risk to organizations that issue smartphones to employees and to organizations that don’t explicitly disable the use of personal devices for work-related computing,” said Pravin Kothari, founder and CEO of cloud encryption software company CipherCloud.
All tests were conducted on an HTC Desire and an iPhone 3S that used Box, Dropbox, and SugarSync clients for their cloud service. Various types of files, ranging from images to documents and multimedia, were uploaded, then the devices were given a hard reset. Files also available for offline access were fully recoverable, raising serious security concerns.
“The results from this research have shown that smartphone devices which access cloud storage services can potentially contain a proxy view of the data stored in a cloud storage service,” concluded researchers. “The recovery of data from these devices can in some scenarios provide access to further data stored in a cloud storage account.”
Saying the tested version of Box was outdated and that newer versions take serious steps towards encrypting files, a spokesperson commented that even file previews – stored locally – are also encrypted.
Researchers advised that using encryption software for mobile data would be highly recommended, as to prevent sensitive files from ending up in the wrong hands.