Your data is one of the most valuable assets to your organization including company financials, personal information of clients, patients, proprietary, technical data, etc. Yet doing business requires easy access, convenience and portability by staff to this information in order to get work done. USB flash drives have become very popular for this reason. But researchers have revealed a potential danger with USB technology called "badUSB" where savvy hackers could potentially use the technology to deliver malware that could infiltrate an organization's trusted network.

Organizations may choose to be proactive in implementing a solution that will help alleviate this potential threat by using USB drives with secure firmware implementation.

What Industries are Best for Secure Firmware USB?

Utility companies, defense contractors, and manufacturing firms are just a few of the industries using secure firmware USB drives to update expensive machinery and want to protect from any possibility of malware. Organizations that want to ensure a protected environment from malware intrusion but may not require high-end hardware encryption will benefit from Kanguru FlashTrust secure firmware USB. (If you require hardware encryption, please see our Defender® series.) Also, organizations that use a software encryption module for endpoint security see direct benefits with having whitelisted, encrypted (on network) USB drives with secure firmware from a trusted, U.S. based company.

Is "badUSB" as bad as it sounds?

In August of 2014, researchers Karsten Nohl and Jakob Lell at a Black Hat security event, revealed a potential threat to USB technology, pointing out that any USB peripheral, including printers, keyboards, computer mice, webcams or flash keys, could be open to a possibility of a savvy hacker physically changing the firmware to deliver infective malware. Although this would be a very difficult thing to do, the news, known as "BadUSB", has worried some that USB drives could be vulnerable to such type of physical tampering.

But is "badUSB" really as bad as it sounds? When it comes to a possibility of tampering with USB technology. it's really not a huge threat to the overall population, as it would take an extremely savvy, and deeply disgruntled hacker to tamper with the firmware of a USB device to infiltrate an organization. Still, some organizations may be at greater risk than others. It is enough to make experts sit up and take notice, especially if an organization is at greater risk. To combat this, organizations that feel they are at greater risk may want to restrict flash drive use to drives with secure firmware like the Kanguru FlashTrust. Making secure firmware drives a policy can provide a layer of protection from malware attack through the use of USB. For more on this, please see our blog.

How Digitally-Signed Secure Firmware Works

Imagine if a thief tried to steal your car, and your car recognized it was not you behind the driver's seat and as a result, completely locked down, bolted all the doors and stopped functioning altogether. By design, the Kanguru FlashTrust™ is inherently protected with what is called digitally signed secure firmware. This fundamental feature makes it nearly impossible for any firmware-based attack to be successful, making it the most trusted USB device on the market. The FlashTrust uses the same firmware technology reserved for Kanguru's Defender® hardware encrypted drives, which are designed in compliance with NIST requirements of digitally signing the device firmware, and is verified through a rigorous process known as FIPS 140-2 certification. Because the secure firmware is verified with a self-test on start-up, if any attempt were made to tamper with the firmware on a Kanguru secure firmware drive, the USB device simply would not function.