A recent article in Security Week outlined a dramatic increase in malware sent via e-mail.  This after the takedown of the Rustock Botnet.  Methods of spreading the malware included fake “parcel tracking information” mimicking those from UPS and DHL, PDF file attachments with script malware, explicit PowerPoint presentations and more. 

The take away from this report is to maintain a regularly updated anti-virus on your computer, scan e-mail documents before opening them, and be wary of any suspicious attachments/e-mails. 

If you work on computers that do not have anti-virus installed, you can carry a mobile anti-virus program on your Kanguru Defender Elite, Defender V2 or Defender Basic which allows you to scan any files you transfer between the unprotected computer and your flash drive.  It’s a great added layer of security, protecting your mobile documents from becoming a carrier of malicious programs.

Malware, Portable Storage

According to a new study by the Ponemon Institute, 75% of the energy and utility companies that were surveyed experienced a data breach within the last year.

“We were surprised that utility companies didn’t put a higher priority on issues like smart grid and smart meters, where there’s been a lot of concern about cyberthreats,” says Larry Ponemon, chairman and founder of Ponemon Institute. “Many of the people we talked to are still more focused on physical security than on cybersecurity.”

One possible attack vector being used against power companies is unsecured USB flash drives.  This was reported to be a big factor in the spread of Stuxnet last year.  Energy, utility and manufacturing companies should be taking extra measures to be sure only secure devices are plugging into industrial control equipment.

Malware, Portable Storage

Kanguru is pleased to announce that we have been chosen to provide a major healthcare provider in Maryland with secure flash drives and remote management software.  Our encrypted flash drives will help keep their patient data safe and secure, and also help them meet HIPAA regulations relating to data security and privacy. 

This is the latest of several secure flash standardizations Kanguru has recently been involved with across the government, healthcare, and financial industries.  Healthcare providers have been under increasing scrutiny lately as the Dept of Health & Human Services has stepped up enforcement of HIPAA privacy rules.  Kanguru’s remote management platform provides security against data breaches as well as audit logs for proof of compliance.

Data Security, Healthcare, Portable Storage

Out with the old, in with the new.  As Kanguru continues to increase production of our flagship Defender Elite secure USB flash drive, we have phased out the previous generation Defender and Defender Pro models.  Clearance inventory can now be purchased at discounted prices here.

The older products are great for organizations that are concerned about security, but might not need the stringent requirements of FIPS 140-2 certification.  The Defender and Defender Pro use strong AES hardware encryption and do not require any software, drivers or administrator rights to use.  Check our clearance page for daily updates.

Data Security, Portable Storage

You might not know the answer to that question until it’s too late.  Unfortunately, the most common response to finding a USB drive is to plug it in.  Virus-writers count on that response when they design the latest malware threats.

Network World discusses the way the Stuxnet worm has exploited this vulnerability.

Many companies have focused on the worm’s ability to spread via USB flash drives. Malicious programs spreading through infected such devices have become a major problem for corporations, because of employee curiosity. In penetration tests conducted by Leviathan Security, 8 out of 10 employees that found a USB drive plugged it into a computer. All of those workers then went on to open up a spreadsheet labeled “LayoffNotice.xls,” says Frank Heidt, CEO of Leviathan.

“You can tell your people, ‘Hey, don’t plug in USB sticks into your network,’ but that is antithetical to human nature,” Heidt says.

One way to combat this problem is to restrict unknown USB devices from your network and only allow devices with built-in antivirus protection.  Kanguru includes integrated malware protection as a standard feature on all new secure flash drives.  The network restrictions can be easily managed with Group Policy or one of the many Endpoint Security products now on the market.

Data Security, Malware, Portable Storage

The Examplas blog picks up on a recent SC Magazine story:

We were intrigued to find out the results of a recent survey of dry cleaners today.  Yes, that’s right, dry cleaners.  How on earth could that possibly be of interest to us at Exemplas, you cry?  Well, because of one nugget of information that leapt out at us- more than 17,000 USB sticks were left in items of clothing deposited at the dry cleaners in 2010!

The survey canvassed more than 500 dry cleaners and launderettes in the UK and found that USB sticks continue to turn up where they don’t belong.

Data Security, Portable Storage

The Dept of Health and Human Services is stepping up enforcement of HIPAA privacy laws by handing out new fines against two violators.

From Government Computer News:

HIPAA requires health plans, health care clearinghouses and most health care providers to protect the privacy of patient information through administrative, physical and technical safeguards.

After an investigation by OCR, the agency found Mass General in violation when an employee left documents relating to 192 patients on a subway train. The documents, which were never recovered, included information on patient names, dates of birth, medical record numbers, health insurers and policy numbers, diagnoses and name of providers for 66 of those patients. HHS discovered the loss after a patient reported the records lost on March 9, 2009.

Mass General was fined $1 Million for this violation.  Imagine how many USB flash drives and other portable devices get lost in subway trains, taxis and other public places every year.  With HHS handing down stiff penalties, it’s time to consider security plans for these devices.

Data Security, Healthcare, Portable Storage

It might be on a flash drive owned by a government employee and it probably isn’t encrypted.

KATU has the story of a lost flash drive containing social security numbers for about 300 Oregon Dept of Corrections employees.  It’s not clear whether the Dept had a security policy in place regarding portable storage.  These incidents are preventable with the right combination of technology and security policies.

Data Security, Portable Storage

Don’t let an unsecure flash drive cause business disruption, productivity loss, revenue loss, and fines.

Recent events in the news have demonstrated the ease with which portable devices can be used to steal confidential data.

Avoid your own personal Wikileaks by securing your USB flash drives.  Kanguru’s secure flash drives and remote management capabilities provide excellent protection against data leaks.

The Kanguru Defender Elite coupled with Kanguru Remote Management Console (KRMC) give CIO’s and CISO’s an unprecedented level of control over their flash drives.  Data breaches can be prevented with features such as:

Remote Disable/Delete - Remotely disable or delete devices compromised by rogue employees to protect sensitive information and prevent data breaches.

Domain/IP Control - Restrict drive usage to approved domains & IP ranges and prevent unauthorized use in external networks.

Offline Restrictions - Control whether devices can be used offline. Prevent unauthorized use in external networks.

Auditing and Reporting - KRMC enforces a full audit trail with detailed graphical reporting and the ability to export both customizable audit logs and graphs for external analysis to ensure proper compliance.

Data Security, Financial, Government, Portable Storage

Dark Reading summarizes the annual threat report from PandaLabs.  Virus writers were hard at work in 2010 and many of them were focused stealing banking and financial data.

Banker Trojans still dominate the ranking of new malware that appeared in 2010 (56 percent of all samples), followed by viruses and worms. A relative newcomer to the malware landscape, rogueware (fake antivirus software) now comprises 11.6 percent of all the malware gathered and has been given its own category.

Find out more about how Kanguru can protect your organization from USB-borne viruses and malware.

Data Security, Portable Storage