Heathrow Airport Becomes The Next Highly Sensitive Data Breach From A Lost, Unsecured USB Stick

Blog Post: October 31, 2017

unencrypted flash drive dropped on a sidewalk

Airlines aren't the only thing flying out of Heathrow Airport these days. Heathrow Airport is now the latest victim to succumb to the casualty of sensitive information flying out of the organization, exposing extremely sensitive airport security data on an unencrypted usb stick.  Sadly, repeated events like this could have been easily prevented if organizations and IT Administrators simply restricted their security environments to the use of hardware encrypted USB drives.   


How Kanguru Defender® Encrypted Drives Could Have Stopped This Breach in Its Tracks

With Kanguru Defender® Hardware Encrypted USB Drives, data is fully password protected and locked under AES 256-Bit hardware encryption, preventing any access without a password. If a Kanguru Defender AES hardware encrypted flash drive containing sensitive information is ever lost, as in this recent case at Heathrow Airport, or if an encrypted flash drive is ever stolen, the information on it cannot be retrieved without the password. There’s no doubt that flash drives are well known for their convenience and quick access, and organizations like to use them because they are so convenient. However, there is a time and place for unsecured USB sticks, but a sensitive, high-security environment is not one of them. If it was necessary for the information to be pulled from the airport's servers, it should have been pulled on a highly-secure flash drive. That’s why Kanguru manufactures their Defender AES hardware encrypted flash drives - to help organizations conduct business efficiently, conveniently AND securely with protections that continue to secure sensitive information while in transit.

With Kanguru Remote Management Console, a lost or stolen memory stick can be immediately disabled or even deleted by an IT Adminstrator anywhere in the world, further rendering access to the information impossible. If someone happens to find the drive and plugs it in, Kanguru Remote Management could even report on where the flash drive is located.

Going even further, Kanguru Endpoint Protector is a robust endpoint solution that enables organizations to protect their data by blacklisting any unsecured USB sticks from the network, preventing them from being plugged in to pull sensitive information, and whitelisting the use of hardware encrypted drives exclusively.  They could also monitor what types of information can be retrieved onto the drives and restrict transfers.


The Damage to Heathrow Airport Security

Sadly however in this case, highly sensitive information was placed onto an unencrypted usb stick without any form of protection, as if it were simply Gramma's favorite recipe, or a grade school homework assignment.   As a result, delicate information regarding the sensitive security plans of Heathrow Airport have been compromised, including detailed information of the Queen’s Royal Suite and secured areas for traveling dignitaries, timetables for security patrols, and locations of key security cameras and other highly sensitive data.  Heathrow is one of the UK and the world's busiest airports, and investigations are now underway as to what specific information has been compromised, and the damage this breach may have caused. It has the potential to become one of the costliest breaches if the airport needs to make any deep-pocket architectural or security changes.

If the old saying, “an ounce of prevention is worth a pound of cure” applies anywhere, it certainly applies here.  Using Kanguru hardware encrypted flash drives in a secure environment to protect sensitive information, Kanguru Remote Management to monitor the drives, and Kanguru Endpoint Protector to restrict the types of devices and data transfers could go a long way to preventing costly breaches.



Kanguru Solutions