Does anyone know of a method to wipe an HDD that gives a high degree of confidence that any malware present will not persist when the OS is reinstalled? Using tools on Linux and/or Windows?
We have approx. 70 SSDs ranging in size from 480GB-1TB from a variety of manufacturers pulled from workstations compromised by a hostile foreign state. The network was compromised when several workstations were rebuilt using a Win 10 image later found to contain backdoors/malicious code as a result of a larger organisation-wide attack.
The machines themselves have been replaced; it's only the SSDs we'd like to avoid throwing out. Steps have been taken to lock down the network they'll sit in with very little traffic allowed out and between hosts. There is also a high degree of network monitoring in place looking for patterns/behaviors identified during the original breach... So we have a high level of confidence that, should any malicious code break out, it will be identified and contained.
The larger organisation is in the process of rebuilding from the ground up, however the network in question was under the control of a separate entity - where a need for a more economical approach is required.
Edit: The foreign actor is believed to be from the Far East or a close ally. The organisation targeted was a federal government department in a country that is a member of the Five Eyes.
This was an advanced, targeted attack, with compromised boot code found on desktops and servers. While no evidence of malicious SSD/HDD firmware was found, it can't be ruled out due to the capability demonstrated in other areas. This is definitely not run-of-the-mill adware.