To combat recent security concerns in the cyber age, hard drive manufacturers have increasingly been implementing Self-encryption drives (SED) features in to their architectures. In the past few years, Seagate Technology has introduced new security features to their hard drives to prevent outsiders from altering the firmware. These added security features, while effective in protecting data, have also created new challenges in the way of data recovery. While other companies wait for a solution and keep their clients waiting for their data, the engineers at Data Analyzers have been diagnosing, repairing, and recovering client data from Seagate self-encryption drives (SED) for many months.
In order to recover data, engineers rely on specialized access to the underlying firmware stored on your hard drive to perform advanced diagnostic and repair functions. “It has been proven that a hard drive’s firmware can be modified to contain malware and other malicious code that can execute even after a hard drive has been fully wiped and had its operating system reinstalled,” says Andrew von Ramin Mapp, CEO of Data Analyzers. Here are just a few of the security features that Seagate has introduced on their newer generation self-encryption drives (SED) to help prevent these threats:
- Cryptographic firmware signing: Uses encrypted signature in firmware that is required for the host computer to launch (via Secure Boot) and to enable firmware downloads (via Locked Diagnostics Port and Firmware Authenticity and Integrity Verification).
- Secure Boot: Prevents host computer’s OS from loading if the firmware’s encrypted signature has been changed in any way; firmware signature is authenticated by the drive at host computer startup.
- Locked diagnostics port: Blocks unauthorized users from downloading firmware or accessing the drive’s installed firmware; user authentication via Seagate Secure Server required to unlock port. Prevents tampering with firmware executables and system-level data.
- Firmware authenticity and integrity verification: Checks for encrypted signature in firmware that is being attempted to be downloaded; firmware is rejected if not authenticated as an original Seagate firmware download.
- Should malicious code be executed inside an authentic copy of an HDD’s firmware, SD&D’s tamper-evident binary feature enables any altered code to be identified and the firmware blocked from download. Furthermore, SD&D employs forensic logging to trace unauthorized attempts to load or manipulate firmware.
“Hackers are becoming more sophisticated with their methods and the hard drive manufacturers are starting to recognize and respond to these threats,” says David Edwards, Senior Data Recovery Specialist at Data Analyzers. These new security features are important to keep our computers and data safe from malicious attacks, but in turn, they have become a major roadblock for all data recovery companies. “We find that most of our competitors are struggling with these drives and can no longer perform the necessary functions on new generation Seagate hard drives,” says Andrew von Ramin Mapp, CEO of Data Analyzers. This is a common problem throughout the entire industry, but not any longer.
Data Analyzers is proud to announce that they have made a breakthrough in developing a solution to unlock newer generation Seagate self-encryption drives (SED). Research and development at the Data Analyzers lab has led to a deep understanding of the firmware modules and ROM code that make up the SED functions. Custom software development projects, such as this, allow their team to recover data from circumstances that other companies simply cannot. This and other groundbreaking solutions are part of what makes Data Analyzers one of the leading Data Recovery labs in the country.