Data recovery and the Internet of Things

The explosion in the number of mobile devices in everyday use has led to a corresponding increase in the number of people seeking mobile-related data recovery services. Recoveries involving connected devices such as smart phones, tablets and portable storage devices now account for ten per cent of all data recovery requests received at Kroll Ontrack, and that percentage is on the increase.

So could the imminent rise of internet-connected home and industrial devices see the need for data recovery extended in new, unfamiliar directions?

In the desire to capture digital data about people and their activities, technology is being embedded in a growing variety of consumer and industrial objects. Our location information is already captured by GPS devices, mobile phones and tablets, as well as when using transportation systems such as the Opal cards in Sydney and Myki cards in Melbourne.

For some years there has been talk of improving health outcomes by making health records and prescription medication information available to medical professionals by storing the data on health care cards. Technology companies have developed refrigerators that monitor the food inventory within, and which are equipped with Internet connections.

When good metadata goes bad

With so much metadata being captured, what happens when these objects and connected devices are damaged? Will you need data recovery for your car if it is involved in a crash, for your smart watch after an accidental plunge in the pool or for your smart hot water system after a lightning strike? Will there come a time when important or even critical information is stored on your connected home or personal health devices?

The short answer is “probably not”. Many of the devices currently collecting data have very limited capabilities. Where an iPhone can store thousands of pictures, plus videos, music files and games, the average connected device is designed to provide a very specific service. It barely has enough storage for the operating system. Unfortunately, this means there is also rarely any consideration for security, leaving such objects vulnerable to cyber criminal.

While your smart watch or refrigerator is unlikely to be used in an attempt to harm you, the potential to reach out and maliciously use industrial internet-connected devices was clearly illustrated in the 2007 Aurora Test in the United States when researchers hacked into a replica power plant control system and changed the operating cycle of the generator, causing it to self destruct.

Discovery in the connected future

Right now, the majority of connected devices stream or frequently synchronise any recorded information, leaving little opportunity for data loss should the device experience a fatal failure. That doesn’t mean it won’t be hugely frustrating when you see your GPS or bike watch fail, just after you’ve set a new personal best.

Today, the only real connected devices we see in data recovery clean rooms are CCTV recorders that have suffered fire or water damage. Although many systems provide live streaming of images via a connected device, at the heart of each system is hard disk drive which stores the information from the video camera for a certain period of time and in some circumstances, it is this information that proves crucial. Recently, for example, the Kroll Ontrack clean room in the UK managed the successful recovery of a smoke and water damaged digital video recorder that helped to solve an arson case.

In the future, as the number of connected devices increases and as the range of interactions being scrutinised grows, the importance of the data and therefore demand for recovery is likely to step up. It’s intriguing to think that one day, the data personal or industrial internet-connected devices could be part of the legal e-discovery process.

Related Stories