Secure USB Drive

The police force in England’s second-largest city, the Greater Manchester Police (GMP), has suffered extensive disruption for several days following an infection by the Conficker worm.
Read More »

It’s been reported today that the UK security service, MI5 has accused China of bugging and initiating acts of espionage on UK business executives, to obtain sensitive commercial secrets.

The story, from a leaked MI5 document says that undercover intelligence officers from China’s People’s Liberation Army and the Ministry of Public Security have also approached UK businessmen at trade fairs and exhibitions with the offer of “gifts”. The gifts — such as USB memory sticks and other digital media — have been found to contain electronic Trojan bugs which provide the Chinese with remote access to users’ computers.

This is yet another example of the use of innocuous-looking devices in an attempt to harvest sensitive or confidential data. The best advice to protect your PC and corporate networks is to use only authorised, secure flash drives, preferably with on-board anti-malware scanning capability, and lock out unauthorised devices. After all, Trojan horses are no longer larger than life and made of wood.

We saw in 2008 and 2009 how worms came back to prominence, thanks to the wide spread of Conficker and its variants. A timely reminder that the threat is still high was given last week, when Google revealed a highly sophisticated series of cyberattacks originating from China that stole some of its intellectual property and affected about 30 other Silicon Valley companies.

This recent attack shows how malicious software has evolved into an advanced weapon that can specifically target companies – even companies as advanced as Google – with the aim of gaining a financial or competitive advantage.

Attackers will try any method available to seed the malware onto a company network, including infecting USB flash drives and distributing them at events, or “losing” them in car parks for unwitting employees to find. That’s why latest-generation secure flash drives, such as our own Cruzer Enterprise range, can also feature onboard anti-malware scanning to nullify this threat.

SanDisk has recently identified a potential vulnerability in the access control mechanism and has provided a product update to address the issue. SanDisk customers were pro-actively notified and have been given the support required for updating their Cruzer® Enterprise drives.

In the past few days several news sites have reported on this incident. Most coverage addressed the issue at hand and referred to the SanDisk web site for the resolution. Some reporters and bloggers even approached SanDisk for a response.

However, some of the coverage was simply wrong and has caused confusion in the market.
Read More »

This article at leading security portal Help Net Security summarizes 2009 from the point of view of the malware that was found in the wild.

As the piece points out, it was a year in which nobody that uses the Internet could ignore the dangers of malware, whether received by email, from Google’s search results, on social networks like FaceBook or Twitter, or even by direct injection from USB memory sticks, as was the case with Conficker and its variants. Read More »

Here are some sobering statistics from a recent US survey of IT professionals.  The leading magazine InformationWeek recently announced the findings of its State of Encryption Survey, which polled the opinions of 499 IT staff. 

Only 14% of respondents said encryption is used across their organisations, and just 38% said they encrypt data on mobile devices.  The main reason for deploying encryption (31%) was to meet regulatory requirements – and there’s a strong reason for this, as 44 US states enforce mandatory disclosure of data breaches, and such disclosure can cost organisations hundreds of thousands of dollars. Read More »

This week marks one year since the Conficker worm (known as Downadup at the time) was discovered in the wild.  As we know, it went on to become one of the biggest infections ever seen, with an estimated 12 million-plus PCs infected globally.

This interview with Eric Sites, a member of the Conficker Working Group, looks at what has happened through Conficker’s lifespan, and speculates as to who developed the worm.

Conficker has also been instrumental in driving changes to everyday computing practice.  As one of the first worms to exploit Windows Autorun and to spread via removable media, it’s forced companies to re-evaluate the way they use devices such as USB flash drives. 

It made the security sector look at providing anti-malware software to protect data on devices other than PCs – such as on our secure USB drives with onboard AV scanning.  This shows that with any problem, there is also an opportunity to improve data security.

If we needed any further reminders, new data has shown that malware which exploits the Windows Autorun vulnerability accounts for more than 35% of the top 10 global infections so far this year.  This is more than double the proportion found in the second half of 2008.

The key findings from Microsoft’s Security Intelligence Report Version 7 show that the Conficker worm, along with a Trojan called Taterf which steals passwords and license keys for popular computer games, were detected on 5.21 million and 4.91 million Windows computers respectively. 

Taterf is notable in that it spreads only via Autorun, and of course Autorun is one of the vectors by which Conficker can spread. 

While our Cruzer Enterprise secure flash drives with onboard McAfee antivirus scanning are able to stop this kind of malware spreading via USB, it’s worth remembering that many other types of portable storage devices are also vulnerable to AutoRun malware.  This includes mp3 players, digital cameras and even digital picture frames. 

We suggest being cautious in allowing any unauthorised devices to be used on the corporate network, and ensuring that antivirus software and software patches are kept fully up to date.

After being banned in November 2008, it looks likely that USB flash drives are about to be reintroduced to U.S. Defense Department computers and networks.

But there will be very strict controls on their use, to avoid future malware and security issues which caused the DoD to suspend the use of all USB memory sticks, removable storage devices and camera flash cards on all networks after a worm infection.

In a recent blog post, the CIO for the U.S. Navy, Robert Cary said Defense officials are finalising details of the new USB security policy.  Cary said in his blog that the important thing is to ensure that thumb drives used in the future cannot transfer viruses to military computers and networks.

Policies will also include practice such as authorised staff being issued with government-owned and procured secure USB drives, a ban on all personally owned flash media, and upgrades to DoD antivirus and malware detection and procedures.  These are all recommended, sensible controls to ensure network hygiene and reduced risks of data losses.

We have just announced that our Cruzer Enterprise secure USB flash drives have raised the bar for secure devices.  They are now the first and only FIPS 140-2 Level 2 USB drives to earn Common Criteria Certification.

This is an internationally recognized ISO standard (ISO/IEC 15408) used by governments and other organizations to assess the security functional requirements and security assurance requirements of technology products. With its certifications recognized in 26 countries, Common Criteria is an important global evaluation standard for security products.

The evaluation examines the entire device to certify its effectiveness in protecting the confidentiality, integrity and availability of sensitive information, and assures users that the security features of the product will perform as expected.

And speaking of performance, the Cruzer Enterprise range is also safe to use in harsh, wet environments, as it has passed environmental tests to meet Military Standard 810-F 506.4 and 512.4 when submitted to immersion and rainy conditions.  That’s a little extra reassurance that your data stays safe.