We blogged recently about increasing regulation, and strong penalties for companies that suffer breaches in data security. Industry experts and analysts agree that these new moves will help to drive wider uptake of secure USB flash drives. Read More »

It’s been a high-profile year for USB memory sticks: they have been the subject of many headlines thanks to a series of losses and theft incidents, and have been exploited as a new vector for spreading malware across networks (thanks to Conficker and related Autorun-exploiting worms). Read More »

A new series of licensed Star Wars character USB flash drives is now available.  The set of drives, which includes replicas of Darth Vader, Boba Fett, Imperial Stormtrooper and Yoda, are supplied in capacities from 4GB to 16GB.

While they offer sufficient storage for a huge amount of data – possibly enough even for the blueprints of the Death Star – they don’t offer any on-board protection for that data, if the drive should get lost or stolen. Read More »

Every once in a while, someone launches a USB flash drive that we just have to blog about.  Here’s a striking one that I haven’t seen before:  a scented pendant with internal USB drive. 

If you carry your flash drive as a necklace, I guess it’s fairly secure – or at least, you’ll quickly realise if you lost it.  But adding a scent to the drive is certainly an unusual step.  I wonder what it smells of?

Of course, our secure USB flash drives have no artificial scents applied to them.  But they do keep your data safe in all circumstances – which will leave your organisation smelling of roses if one of our drives is ever misplaced or stolen.

A UK local council has just found the true cost of a virus infection which was introduced onto its network by an employee plugging an infected memory stick into his computer in May this year.

The overall bill for IT recovery and lost revenues was over £500,000 (more than $800,000), as systems were disrupted for several days.

The report on the outbreak from Ealing Council in West London states: ‘At the point the memory stick was plugged in the virus attacked the host PC.  It blocked connections to anti-virus and Microsoft Support websites and attempted to establish connections with 500 internet sites chosen at random from a selection of 25,000 seeking instructions from its author, and sought to also contact other similarly infected PCs that it could find. It then started propagating itself across the Ealing network.’

Although the virus has not been named, it obviously exploited the well-known Windows Autorun vulnerability to spread on the Council network. 

This could have been prevented by issuing all council employees with a secure USB flash drive with onboard anti-virus scanning – which would not only keep mobile data secured, but would also stop any infections using thumb drives to spread.

You can read more about this incident in the following articles:
 
www.theregister.co.uk/ealing_council_mystery_malware
 
www.scmagazineuk.com/Ealing-Council-facing-501000-fine-after-its-network-was-hit-by-a-virus-that-crippled-it-for-weeks
 
www.publicservice.co.uk/news_story

In the last 6 months or so we’ve seen how USB flash drives have become recognised as a vector for spreading malware, especially malware that uses Windows’ Autorun capability.

This week, Symantec is reinforcing that message during its Cyber Crime initiative.   The company’s Security Response group product manager says that as well as being a method for propagation, USB-borne malware is particularly difficult to get rid of. 

Of course, one way of stopping the spread of malware via USB memory sticks is to use secure flash drives with on-board antivirus, which stops malware on the drive itself.

It’s also worth noting just how the sheer number of threats has grown.  In 2000, antivirus vendors issued 1,500 new signatures.  In 2009, over 2.5 million signatures are expected.  AV protection on all computing devices makes more sense than ever before.

With over 150 million flash drives sold worldwide last year, according to analyst Gartner, there’s an incredible amount of unsecured information being carried around in people’s pockets, bags, briefcases and cars.

And even if users think they are being safe by regularly deleting old files from their ordinary USB sticks, they are not.  In a similar way to a conventional hard disk, deleting a file does not mean it has gone forever.

In fact, all that has happened is that it has been hidden.  The delete function merely erases the reference to the file in the FAT (file allocation table) on the drive.  The file and data are still there, and by using FAT data recovery or repair tools, those “deleted” files can be easily found again.

It’s another good reason to deploy and use truly secure USB flash drives, like our Cruzer Enterprise, which keeps ALL data on them secured against unauthorised access and use, at all times.

It looks like USB flash drives are becoming a popular vector for spreading malware.  A 4 year old worm has been reactivated and is now spreading through the use of thumb drives, according to Microsoft’s Malware Protection Center (MMPC).

According to the MMPC, the ‘Neeris’ worm is copying some of the infection strategies of Conficker.  The timing of its reappearance is also unusual, as it appeared a day before Conficker’s ‘activation’ date of 1st April.

Neeris’ makers have recently added an exploit for the MS08-067 vulnerability that Microsoft patched in October last year.  Conficker also exploits this vulnerability and became one of the biggest malware outbreaks ever, early in 2009. 

Although Neeris is not yet widespread, and its purpose and effect seems to be relatively benign at this point, it’s worth making sure that all systems are patched against the MS08-067 vulnerability, as detailed in the link above.