Encrypted USB Flash Drive Flaw

Wednesday, January 20, 2010 11:00
Posted in category Computer Security

Do you or your company use encrypted USB flash drives? If so, is yours one of the models that was found this month to be hackable? Encrypted flash drives from SanDisk, Verbatim and Kingston are vulnerable to this most recent form of attack. The attack targets the software that comes with the drives and runs on the computer, not the USB flash drive itself. That software lets the user enter a password and, if the password is correct, sends a signal to the encrypted USB flash drive telling it to unlock. The problem is that other software can be written, and has been written, to change the drive's software running on the computer so that it always sends the unlock signal, no matter what is entered as a password. Any software running on a computer can be tampered with and should not be trusted in these types of situations. It also appears that the flash drive manufacturers use a static unlock code, which provides one password that can be used as a backdoor to the encrypted flash drive. Anyone with knowledge of the password can use the flash drive.

The following encrypted flash drives are affected by this method of attack:

  1. SanDisk Cruzer Enterprise FIPS Edition with McAfee, SanDisk Cruzer Enterprise FIPS Edition, SanDisk Cruzer Enterprise with McAfee, and SanDisk Cruzer Enterprise.
  2. Kingston DataTraveler Blackbox, Kingston DataTraveler Secure Privacy Edition, and Kingston DataTraveler Elite Privacy Edition.
  3. Verbatim Corporate Secure FIPS Edition and Verbatim Corporate Secure.

All three manufacturers of the drives have updates for their devices or software to prevent this type of attack from being successful.  If you own one of the above-mentioned devices, follow the links to get the manufacturer’s updates.

SanDisk Update

http://www.sandisk.com/business-solutions/enterprise/technical-support/sandisk-security-bulletin

Kingston Update

http://www.kingston.com/driveupdate/

Verbatim Update

http://www.verbatim.com/security/security-update.cfm

If you want additional details regarding this security issue, follow the link to this article on the IronKey website. It is one of the many articles I used when researching this security issue. IronKey is also a manufacturer of encrypted USB flash drives, but their products are not affected by this attack method because no software runs on a computer to unlock the device. Instead, all password verification is done on the flash drive hardware itself. The company also states that they have no static password that can be used as a backdoor to their devices. Take a look at the article, as well as the additional resource links it contains regarding this security issue.

Ironkey USB Flash Drive Flaw Exposed Article
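
The two designs described above can be modeled side by side. This is an added example, not code from any vendor or from the original post; the class names, the `UNLOCK` message and the retry limit are assumptions made for illustration.

```python
import hashlib
import hmac
import os

# Constructed toy model: all names and message values here are hypothetical.
STATIC_UNLOCK = b"UNLOCK"  # identical for every password and every session

class HostVerifiedDrive:
    """Flawed design: the drive acts on the host software's verdict."""
    def __init__(self):
        self.unlocked = False

    def receive(self, message: bytes) -> bool:
        # The drive never sees the password, only the unlock signal.
        self.unlocked = hmac.compare_digest(message, STATIC_UNLOCK)
        return self.unlocked

def host_hash(password: bytes) -> bytes:
    return hashlib.sha256(password).digest()

def host_unlock_tool(drive, stored: bytes, password: bytes) -> bool:
    """Vendor software on the PC: checks the password, then signals the drive."""
    if hmac.compare_digest(host_hash(password), stored):
        return drive.receive(STATIC_UNLOCK)
    return False

class DeviceVerifiedDrive:
    """Contrasting design: the password check runs on the drive itself."""
    MAX_TRIES = 3  # assumption: a retry limit, not mentioned in the post

    def __init__(self, password: bytes):
        self._salt = os.urandom(16)
        self._hash = self._kdf(password)
        self._tries = 0
        self.unlocked = False

    def _kdf(self, password: bytes) -> bytes:
        return hashlib.pbkdf2_hmac("sha256", password, self._salt, 100_000)

    def receive(self, candidate: bytes) -> bool:
        if self._tries >= self.MAX_TRIES:
            return False  # locked out regardless of what the host sends
        ok = hmac.compare_digest(self._kdf(candidate), self._hash)
        self._tries = 0 if ok else self._tries + 1
        self.unlocked = ok
        return ok

def trusts_host_verdict(drive) -> bool:
    """Design check: does the drive unlock when no password was ever verified?"""
    return drive.receive(STATIC_UNLOCK)
```

In the first design the password check in `host_unlock_tool` protects nothing, because the drive accepts the same signal from any program on the computer; in the second, the only input that unlocks the drive is the password itself.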
