Problem Statement and Inherent Challenges
The customer needed to retrieve the entire 300 GB data from the physically crashed hard disk drive that was originally encrypted, before formatting.
After cloning this drive, stellar data saviors had found that the drive contained unencrypted data. It was learnt— upon checking with customer—that the user had indeed formatted the drive twice over. So as per the technical analysis, this encrypted HDD had actually undergone multiple cycles of formatting, with continual usage until the point of its physical crash.
This was a truly challenging and complex data recovery case because it spread across the physical and logical facets of the storage. And, given the usage history of this HDD — repeat formatting and overwriting on each formatting — it was obvious that a significant amount of data would’ve been already overwritten* with new information.
Solution — How RaminfotehData Saviors Rescued the Situation
Stellar data saviors began the data recovery task with the following steps:
1. HDD dismantling and head assembly replacement in state-of-the-art Class 100 cleanroom
It was necessary to examine the HDD for specific physical issues, as it was reportedly making a clicking sound and couldn’t be detected on any of the Windows computers. The following steps ensued:
Requested tampering permission from the customer to check physical condition of the platter and head assembly.
The platter was fine but the head assembly was found broken, due to which the HDD was making the clicking sound.
A new head assembly from a donor HDD was transplanted on this recipient patient HDD to reinstate access for further data recovery operations.
2. Disk cloning to provision a functional clone for secure data recovery
Upon getting access of the patient HDD, the data saviors created 2 clones of the HDD by using a proprietary cloning software.
After successfully cloning the drive —completed in 7 days’ time—the next challenge was to decrypt the clone and recover the original encrypted data.
However, the data saviors found that the drive already contained over 100 GB of non-encrypted data, meaning the user had actually formatted the drive. The customer confirmed that the drive had indeed been formatted twice before it physically crashed.
3. HDD decryption to recover the original encrypted data
The data saviors tried to locate the encryption details in the left out area below 100 GB of the overwritten space, but couldn’t find these details.
The data saviors requisitioned WinMagic SecureDoc decryption key from the customer.
The data saviors then began forced decryption of the cloned drive, as automated decryption was not possible due to overwriting of critical decryption information while copying the data after formatting
The decrypted HDD now allowed unrestrained access to the storage space below the overwritten data area, and thereby opening up the possibility of recovering data from this space that was not overwritten.
4. Deep scanning for data recovery
The data saviors used stellar data recovery software with deep scanning function to recover data from below the overwritten area on this decrypted clone.
The deep scan capability was vital to maximize data recovery from the overwritten HDD. It enabled file signature-based search to locate fragments of the lost data and stitch them together as a whole, integral unit.
The team successfully recovered 170 GB of the lost data from this nearly impossible case of an encrypted hard drive that was repeatedly formatted, overwritten and ultimately suffered a physical crash.
Western Digital Data Recovery Data Recovery - Western digital Data Recovery in Chennai-india
No comments:
Post a Comment
Hello Any One Need Service Call Us