Anti-Forensics
Account Misuse
Clear Browser Artifacts
Clear Email Artifacts
Decrease Privileges
Delayed Execution Triggers
Delete User Account
Deletion of Volume Shadow Copy
Disk Wiping
File Deletion
File Encryption
Hide Artifacts
Hiding or Destroying Command History
Log Deletion
Log Modification
Modify Windows Registry
Network Obfuscation
Physical Destruction of Storage Media
Physical Removal of Disk Storage
Stalling
Steganography
System Shutdown
Timestomping
Tripwires
Uninstalling Software
Virtualization
Windows System Time Modification
- ID: AF011
- Created: 25th May 2024
- Updated: 14th June 2024
- Platforms: WindowsLinuxMacOS
- Contributor: The ITM Team
Physical Destruction of Storage Media
A subject may destroy or otherwise impair physical storage media such as hard drives to prevent them from being analyzed.
Subsections (2)
| ID | Name | Description |
|---|---|---|
| AF011.002 | Physical Destruction of Disk Storage | A subject may destroy or otherwise impair physical disk storage, such as hard disk drives or solid state drives, to deny access to the files and artifacts stored on them. |
| AF011.001 | Physical Destruction of Removable Media | A subject may destroy or otherwise impair removable storage media, such as external hard drives or USB sticks, to deny access to the files and artifacts stored on them. |