Firmware USB Security of Kanguru Defender® and FlashTrust™ USB Flash Drives

Kanguru is aware of research regarding the potential risk of a new class of malicious attack called "badUSB" which focuses on USB technology, including webcams, computer mice, keyboards, and USB storage devices. The theory behind this vulnerability is that the USB device firmware (the software code which runs computer chips) could potentially be hijacked by a third party, and used as a vehicle to deliver some type of host computer access to cyber criminals. Kanguru's Defender® Collection of Secure, hardware encrypted USB drives are completely immune to this vulnerability due to their RSA-2048, digitally-signed secure firmware. Furthermore, Kanguru takes great steps to provide other options that protect organizations who may face this type of threat of potential risk. If your organization has concerns about the possibility of USB devices being used maliciously through third-party hacking, the following Kanguru products have been verified by a FIPS Accredited Laboratory that they are safe and immune from "badUSB".

The Kanguru Defender® Series of encrypted USB flash drives are immune to this vulnerability. They are designed in compliance with NIST’s requirement of securing device firmware. The ability for a third party to change the customized, onboard device firmware with an unauthorized, malicious version is nearly impossible. Furthermore, there are self-tests run at startup of the cryptographic module within the USB drive which ensure the integrity of the original firmware. If the self-test fails, the device will not operate. This has been validated by NIST for a range of Kanguru’s Defender devices that have achieved FIPS 140-2 Level 3 and Level 2. In addition, other Kanguru Defender devices that haven't undergone the FIPS certification process still have this firmware security feature implemented and are also not at risk. See NIST standards for more information.

The Kanguru FlashTrust™ is also immune to “badUSB” due to the secure firmware implementation which incorporates the same architecture as the Defender series of drives.  While the FlashTrust has not gone through formal testing by independent laboratories, it uses the exact same firmware security implementation as the Defender series of USB flash drives.  As a recognized security leader, Kanguru is confident that the firmware security approach of the Kanguru FlashTrust is sound. 

The Kanguru QS Slim DVDRW DVD Burner and QS Slim BDRW Blu-ray Burner contains Digitally-Signed, Secure Firmware, which restricts and prevents attempts at firmware tampering once the device has left Kanguru’s secure manufacturing facility. This fully protects from any potential risk of "badUSB" or third-party hacking.

Both the Kanguru UltraLock™ Hard Drive (HDD) and UltraLock™ Solid State Drive (SSD) have secure firmware that is verified internally for authenticity each time the device is used. As a result, organizations can be confident that the Kanguru UltraLock cannot be used by a third-party as a malicious vehicle for malware delivery.

The specific test requirements and the actual test performed by the FIPS accredited laboratory are as follows:

Requirement

The tester shall modify all public keys using any method not specified by the vendor documentation and shall attempt to load them into the module. The module should not allow any of the keys to be successfully loaded. The tester shall attempt to perform cryptographic operations using these keys; the module should not perform the operations, indicating that the keys were not loaded.

Test and Result

The tester modified the Firmware Update Public key using a special debug version of the firmware, and doing so forced the start-up self-tests to fail. The module would not allow the key to be successfully loaded. The tester attempted to perform cryptographic operations using the key, but the module would not allow any cryptographic services because the module was in the error state; the LED blinked at a rate of 16Hz indicating error state.

Firmware Security Implementation

The Defender and FlashTrust series of USB Flash Drives have firmware loaded onto the device in a secure manufacturing facility.  This firmware is signed with an RSA-2048 bit key which is supported by the device.  Any possible firmware updates would require a SHA-256 checksum to match the newly provided firmware version.   

Please note:  Kanguru does not provide support for any firmware updates on deployed devices.  Kanguru Defender Elite200 and Defender 2000 units specifically do not allow any firmware updates since the controller boards are epoxied and all pin-level access is denied. The Defender HDD series does not support firmware updates.

See Kanguru's FIPS 140-2 Certified, Hardware Encrypted drives for more information.

For more information or questions, please feel free to Contact Us