Dumpster Diving in Security
A reconnaissance technique that searches discarded materials for sensitive information to support subsequent attack operations.
Dumpster diving in security refers to the practice of searching through an organization's discarded materials to find sensitive information that can be used in attacks. Despite its low-tech nature, dumpster diving remains an effective reconnaissance technique because organizations frequently fail to properly destroy sensitive documents and media.
Attackers search trash receptacles, recycling bins, and disposal areas for valuable intelligence. Common finds include printed documents with credentials, network diagrams, or organizational charts; discarded storage media including hard drives, USB drives, and optical discs; sticky notes with passwords; employee directories and phone lists; financial documents revealing vendor relationships; outdated equipment containing cached data; and shredded documents that can sometimes be reconstructed. Information gathered through dumpster diving fuels other attack vectors: organizational charts enable targeted phishing, network diagrams reveal infrastructure, and discarded credentials may still be valid or reveal password patterns.
Dumpster diving provides attackers with information that is difficult or impossible to obtain through digital means. It requires no technical skill and carries minimal legal risk in many jurisdictions since discarded materials are generally considered abandoned property. The intelligence gathered often makes subsequent technical attacks significantly more effective by providing internal context that external reconnaissance cannot reveal.
CDA addresses dumpster diving within the SPH and DPS domains. Theater missions include document destruction audits and physical security assessments. Our approach emphasizes that data protection extends beyond digital controls to physical disposal procedures. Organizations must implement and enforce media sanitization and document destruction policies as fundamental security hygiene.
Written by CDA Editorial