IronKey

Mobile Data Security Blog

Home  »  Posts tagged "BadUSB"

by

Majority of Healthcare Breaches Are Due to Loss or Theft, Not Hackers

I just recently read an article about how a healthcare organization lost backup hard drives containing personal information on nearly 40,000 of its clients. To make matters worse, the article stated that there was “no mention of strong encryption being applied to the records, implying that they were stored relatively insecurely.” WHAT?  I shake my head in frustration because there is a simple solution. Why don’t more healthcare companies deploy secure USB?

You might be surprised to know that the majority of breaches come from lost or stolen devices, not hackers. In fact, sixty-eight percent of all healthcare breaches are from loss and theft. This leads me to conclude that most healthcare companies insecurely store, and therefore risk losing their clients protected health information (PHI) such as birth dates, medical records, and Social Security numbers.

Sadly, it looks like this trend won’t be ending anytime soon.  A recent healthcare data breach forecast predicted that employees (not hackers) will continue to be the greatest threat to securing healthcare data including PHI.  The forecast goes on to say that despite all signs pointing to employees as the largest threat to a company’s security, business leaders will continue to neglect the issue in favor of buying more “appealing” security technologies aimed at preventing intrusions from outsiders in 2015. (sigh)

So here’s the good news – there is a workable solution that’s easy for healthcare organizations to implement. One simple, affordable option is to store PHI and other confidential data on a portable, encrypted external hard drive or USB instead of storing data directly on the laptop.  There’s a class of readily available hardware encrypted devices that are virtually unhackable and can be remotely wiped should they be lost or stolen.  And, these drives deploy the highest standards of protection with AES-256 encryption.   These highly secure drives even protect data and applications from malware like BadUSB. And their rugged design makes them nearly indestructible.  They’ve even been known to survive an autoclave! 

IronKey™ offers the most secure storage solutions and mobile workspaces available.  So, don’t be tomorrow’s headline.  Check out our healthcare security solutions today.

by

Standing Room Only: BadUSB at Black Hat

 

Our special guest blogger is Chris Louie, an IronKey sales engineer, who joined the company in 2011. 

As I took my seat in the packed Black Hat ballroom, I could sense the level of concern as everyone anxiously awaited the findings on BadUSB. Attacks against USB flash drives are nothing new, but they’ve always centered on the data being compromised or leaked.  Now we’re about to learn about a radically different type of attack. Suddenly the lights dim and the session title flashes across the screen: “BadUSB – On accessories that turn evil” presented by the authors of the malware.

Immediately, things looked bleak for security-minded professionals everywhere. A new type of threat has emerged! Malware is no longer relegated to only files stored on USB flash drives, but can now reside in the controller firmware inside the USB flash drive. And to make matters worse, it doesn’t just affect USB flash drives, but any USB device that has the ability to update its firmware, such as Android-based phones and tablets. BadUSB also has the ability to trick the computer into thinking a flash drive is a mouse or keyboard. Once a computer is infected, it will attempt to infect every USB device that connects to it in the future.

Now if that’s not enough to keep CIOs and CISOs awake at night, the malware authors state that there is currently no mechanism to detect or remove BadUSB from affected devices and computers. It acts as a launch pad to attack computers with the malware author’s attack of choice. Installation of Remote Access Trojans, key loggers, DNS cache poisoning, botnet creation and ransomeware are just a few of the cyber-criminal tools that can be deployed with the help of BadUSB.

Fortunately, not all is lost! BadUSB takes advantage of a commonly found practice in the flash drive industry: the vast majority of USB devices do not require digitally signed code in order to do a firmware update. Since day one, every IronKey device has followed the best practice of requiring digitally signed code for firmware updates to protect against this exact type of attack vector.

During the Q&A session with the malware authors, someone asked if requiring digitally signed code for firmware updates would protect a USB device from this attack.  The audience were assured that those devices are not vulnerable to this attack.

So get rid of that potentially dangerous flash drive and upgrade to a secure flash drive that cannot get infected with BadUSB.

 

 

by

Perspective on BadUSB

 

We recently learned that security researchers Karsten Nohl and Jakob Lell of Security Research Labs plan to present their research at Black Hat next week which consists of proof-of-concept malicious software called BadUSB. The premise of the BadUSB attack appears to be that you can change the firmware of the USB device. A fundamental feature of IronKey high security products is that changing the customized firmware is not possible. IronKey devices have digitally signed firmware with verification on start-up. If the firmware is tampered with, the device won’t function. This countermeasure has been validated by NIST in IronKey FIPS 140-2 Level 3 devices

Once the research is released we will carefully review to ensure there are no potential risks. We will then issue a statement. In the meantime if you have any questions please email securitysales@imation.com.