EU Approves Our Encryption Equipment
Our innovative encryption system SecuriVPN Arana has been approved by EU which is great news for us and our customers. Sweden’s leading IT news publication Computer Sweden covers this major event in our company history.
We’re one of only four companies across Europe to offer products for secure IP networks that are approved by EU for use on the highest information classification level, EU Secret.
Authorities and companies are attacked on a daily basis. Threats come from competitors or even foreign powers. It is difficult to prevent espionage when a large amount of information is exchanged between geographically separated sites, while ensuring high availability.
SecuriVPN Arana is tailored for authorities’ specific needs. The solution provides the highest possible protection against interception of communications and is approved to handle classified information in Sweden and the EU. The system has a very high reliability and is cost-effective and safe to administer. Administrative personnel can manage the system without the possibility of retrieving secret user information.
According to EU regulations, secret EU information must be protected by products approved by the European Union. SecuriVPN Arana has been evaluated and approved by security authorities in both Sweden and Holland.
Email ThisStuxnet authors still active?
Symantec reports that a malware called Duqu has been found on the European continent. Early investigations shows that Duqu is based on the Stuxnet malware that hit the Iranian nuclear program. Duqu derives from the same souce code as Stuxnet and the similarities between the two suggests that it is the same persons behind the attacks.
The Duqu malware was found at companies using SCADA (supervisory control and data acquisition) systems. The aim for Duqu is so far unclear, but some new functionality has been found, among them is a keylogger. This malware maybe a reconnaissance drill to gather information for the next mayor attack on SCADA systems.
U.S. Drone fleet under attack
Wired reports that the U.S. drone fleet has been infected with a virus that includes a keylogger function. The virus has spread both in unclassified and classified systems. The keylogger logs all keystrokes in the pilot’s cockpits as they fly missions over Afghanistan and other war zones.
The virus has bridged the air gap normally separating the unclassified and classified systems. A movable media, e.g. USB sticks, is probably the cause of which the virus can infect both systems.
According to Wired's sources the military network specialists has so far been unable to extinguish the virus as it keeps coming back. The Air Force declined to comment directly on the virus.
The virus attack shows how even organisations with rigorous security and IT-policies can become victims in the USB security nightmare. This is a risk many organizations are taking when using USB-sticks and even with encrypted USB sticks. When you are using an encrypted USB stick you are also encrypting the virus, so total erasure of the stick before use is a reliable solution. It is crucial when using USB sticks in protected systems, and in every system for that matter, that you must be sure that you don't spread the virus.
With SecuriRAM it is easier to trace the virus due to the fact that it can be totally erased after each usage. You will not move the virus back and forth between systems as you do with traditional USB sticks. So a SecuriRAM together with white listing of approved USB units will provide a better security.
Targeted attack using hacked USB mouse
Last week I commented on the test conducted by The U.S. Department of Homeland Security where an alarming 90% of the employees used USB sticks found on the parking lot. But Microsoft has improved the ability to control the autostart function. So, is the USB problem over?
A targeted attack by Netragard on one of their clients shows that the USB problem is still very present. The client limited the attack surface by excluding the use of social attack vectors based on social networks, telephone, or email and disallowed any physical access to the campus and surrounding areas.
By modifying a USB Logitech mouse to include a USB hub, microcontroller and a USB stick. The microcontroller was programmed to act as a keyboard and send keystrokes with commands to access the onboard USB stick. The USB stick contained a custom malware that would connect to a remote server. The hackers had done some social surveillance and found out that the company was using McAfee antivirus software, one of the company employees had complained about it on Facebook. With this information the hackers set up a test environment and successfully connected to the remote server.
The USB mouse was placed back into its original package and a fake marketing flyer made it look like a promotional gadget. A target employee was selected and the package was shipped. A couple of days later the mouse connected to the remote server.
If this had been a real attack on the company the consequences would have been severe of course. This penetration test shows how vulnerable the USB port can be, even with active antivirus software and autostart turned off. In this case a USB port blocking software would have done the trick and stopped the promotional stunt by blocking the hacked USB mouse.
An advice: Think twice before using promotional USB gadgets or USB sticks.
Should people be blamed for using an unknown USB stick?
According to Bloomberg, The U.S. Department of Homeland Security tested government staff to see if they would pick-up and use CDs and USB sticks found in the parking lot. The result was of course bad, 60% of the people plugged in the found media in the office computer, 90% was plugged in if the media was branded with the official logo. This is no surprise, but of course shocking for IT-security personnel.
Bruce Schneier commented on this, by saying that the problem is not the people, it is the USB sticks. "Quit blaming the victim" Schneier says. I am bound to agree with Schneier.
The tests, conducted by The U.S. Department of Homeland Security, shows that IT-security policies is not enough. IT-security policies can dictate any demands but the users must be supported in their security awareness.
Creating security awareness is a hard thing to do. The users must be aided in a technical way. Blocking all insecure USB-sticks and only allowing e.g. encrypted sticks or SecuriRAM, can be one way to get through to the users and saying: -Insecure USB sticks are dangerous stuff, don’t use them, and don’t touch them.
Below you will see my short-list of how to support your users and to improve USB stick security.
- Educate the personnel of the risks with USB sticks
- Block auto start and U3
- Update the operating system as soon as the security patches are released
- Keep the virus protection updated
- Use a USB port blocking software and allow only known USB sticks (white listing)
- Keep track of the USB sticks, remove lost USB sticks from white list
- Use secure USB sticks e.g. encrypted sticks or SecuriRAM
European Companies may face Mandatory Requirement to Notify About Data Security Breaches
The European Union justice commissioner Viviane Reding said that she intends to introduce a requirement into the data protection laws that makes it mandatory to notify about data security breaches in a speech held at the British Bankers’ Association (BBA) Data Protection and Privacy Conference in London.
Businesses that store customer data will have to disclose any data breaches.
“It would create a stronger incentive for businesses to conduct serious risk assessments to protect personal data and to implement the appropriate security measures protecting the confidentiality, the integrity and the availability of personal data,” Reding said.
Read more on v3.co.uk
The 2010 Swedish Security Police Year-book Has Finally Arrived
Last week, the Swedish Security Police published its 2010 year-book outlining key events and case studies from last year. It’s interesting reading for anyone who’s working with security issues. For example, you can read about the increased security threat last October, the planned attack in Copenhagen and the bomb attack in central Stockholm.
The year-book also includes sections on electronic espionage and counter-espionage. It’s well worth reading if you want to pick up knowledge in just why security is so important from different views and aspect.
Did you know that:
• More than 15 countries pursue systematic intelligence operations in and against Sweden or Swedish targets overseas in 2010. The purpose of such operations is often to gather information about politics, economics, technology, science or refugees.
• 207 citizens wanted access to their files in the Swedish Security registry in 2010. 119 of these were granted access. Those not permitted where either not in the registry or the file was classified.
Download the report in Swedish.
Swedish Media Pick Up the Business Security Story
We’re really pleased about the coverage about the self erasure memory stick. A few titles, including the print edition of our most important business news daily Dagens Industri has covered the story of Business Security’s invention. The journey from idea to launch has been exciting and as a Swedish company, we’re also proud to say that the local subcontractor Note Lund is the manufacturer of choice.
The idea behind the USB memory stick came from the notion that companies and private individuals often lack of security skills. This was also supported in our own survey. Given that loads of USB memory sticks may contain sensitive information, SecuriRAM gives the user the ability to take control and have a clean stick at all times. Dell will be the official reseller for this product and to date, we haven’t seen any product like this. Our product solves a key challenge for our customers as we believe that our memory stick actually may change a behavior.
Further reading in Swedish:
The Security Hazards with USB Sticks Uncovered
Obviously, we knew about the security hazards with USB sticks when we developed the self erasing SecuriRAM. Today, we know just how serious the security hazards arein our home country Sweden. We commissioned the research firm TNS SIFO, who asked Swedes about their USB behaviors. Our research uncovered that:
• 4 out of 10 Swedes don’t know where they have their USB sticks.
• 2 out of 3 Swedes aren’t aware of the fact that information stored on an ordinary USB stick is traceable even after the files have been deleted.
• 40 percent don’t mind that USB sticks may carry computer viruses.
• 60 percent have used a private USB stick at work.
Even if the cloud is coming closer every day, we believe that demand for USB sticks will keep on rising. More than 275 million USB sticks are sold each year. USB sticks are still the easy way to transport files a short distance off-line. And it is private. As SecuriRAM is the first self-erasing USB stick on the market, we are excited to see the global demand for this product. We’re proud to say that we developed this locally and also manufacture it in our hometown Lund. The stick targets users who want to transport a limited amount of information. Its unique feature is the ability to completely erase all its content, either manually by the user or automatically after 24 hours of inactivity. This way, we’ve made the world a bit better as information aren’t floating around uncontrolled, increasing the security for companies and organizations.