Firmware USB Security of Kanguru Defender® and FlashTrust™ USB Flash Drives
Kanguru is aware of research regarding the potential risk of a new class of malicious attack called "badUSB" which focuses on USB technology, including webcams, computer mice, keyboards, and USB storage devices. The theory behind this vulnerability is that the USB device firmware (the software code which runs computer chips) could potentially be hijacked by a third party, and used as a vehicle to deliver some type of host computer access to cyber criminals. Kanguru's Defender® Collection of Secure, hardware encrypted USB drives are completely immune to this vulnerability due to their RSA-2048, digitally-signed secure firmware. Furthermore, Kanguru takes great steps to provide other options that protect organizations who may face this type of threat of potential risk. If your organization has concerns about the possibility of USB devices being used maliciously through third-party hacking, the following Kanguru products have been verified by a FIPS Accredited Laboratory that they are safe and immune from "badUSB".
The Kanguru FlashTrust™ is also immune to “badUSB” due to the secure firmware implementation which incorporates the same architecture as the Defender series of drives. While the FlashTrust has not gone through formal testing by independent laboratories, it uses the exact same firmware security implementation as the Defender series of USB flash drives. As a recognized security leader, Kanguru is confident that the firmware security approach of the Kanguru FlashTrust is sound.
The Kanguru QS Slim DVDRW DVD Burner and QS Slim BDRW Blu-ray Burner contains Digitally-Signed, Secure Firmware, which restricts and prevents attempts at firmware tampering once the device has left Kanguru’s secure manufacturing facility. This fully protects from any potential risk of "badUSB" or third-party hacking.
Both the Kanguru UltraLock™ Hard Drive (HDD) and UltraLock™ Solid State Drive (SSD) have secure firmware that is verified internally for authenticity each time the device is used. As a result, organizations can be confident that the Kanguru UltraLock cannot be used by a third-party as a malicious vehicle for malware delivery.
The specific test requirements and the actual test performed by the FIPS accredited laboratory are as follows:
The tester shall modify all public keys using any method not specified by the vendor documentation and shall attempt to load them into the module. The module should not allow any of the keys to be successfully loaded. The tester shall attempt to perform cryptographic operations using these keys; the module should not perform the operations, indicating that the keys were not loaded.
Test and Result
The tester modified the Firmware Update Public key using a special debug version of the firmware, and doing so forced the start-up self-tests to fail. The module would not allow the key to be successfully loaded. The tester attempted to perform cryptographic operations using the key, but the module would not allow any cryptographic services because the module was in the error state; the LED blinked at a rate of 16Hz indicating error state.
Firmware Security Implementation
The Defender and FlashTrust series of USB Flash Drives have firmware loaded onto the device in a secure manufacturing facility. This firmware is signed with an RSA-2048 bit key which is supported by the device. Any possible firmware updates would require a SHA-256 checksum to match the newly provided firmware version.
Please note: Kanguru does not provide support for any firmware updates on deployed devices. Kanguru Defender Elite200 and Defender 2000 units specifically do not allow any firmware updates since the controller boards are epoxied and all pin-level access is denied. The Defender HDD series does not support firmware updates.
See Kanguru's FIPS 140-2 Certified, Hardware Encrypted drives for more information.
For more information or questions, please feel free to Contact Us