OAKDALE, Minn.--(BUSINESS WIRE)--Imation Corp. (NYSE: IMN), a global data storage and information security company, today announced that its IronKey Secure USB devices are not vulnerable to BadUSB malware which was revealed at Black Hat on August 7. BadUSB is the first USB malware designed to attack the device itself instead of attacking the data on the device. IronKey’s leadership in security, including its use of digital signatures in all controller firmware, makes its products immune to this new threat. To help reduce the impact of BadUSB, the company is offering a GoodUSB Trade-Up Program that provides discounts on its secure USB products.
As revealed at the Black Hat session on BadUSB, the attack changes the firmware that controls the behavior of the USB hardware, allowing the USB device to become a host that can subsequently infect other computers and USB devices. The modified controller firmware cannot be detected by today’s anti-malware solutions, and in many cases, may remain undetectable.
As explained by the researchers, the best protection against this vulnerability is to use code signing for firmware updates. If the signed firmware is modified, the device cannot authenticate the firmware and simply will not operate. This prevents the infection from spreading but results in an unusable device. That is why in addition to using signed firmware, IronKey protects the mechanism used to update the firmware with hardware-based security keys. This prevents tampering with the signed firmware, which would leave the device unusable.
Additional key security features available for secure USB:
- Secure, military-grade 256-bit AES full disk hardware encryption
- FIPS (Federal Information Processing Standards) 140-2 Level 3 validation
- Centralized management supporting remote wipe/disable of lost or stolen devices
- Multifactor authentication
- Built-in password protection policies
- Ruggedized, waterproof metal case that resists physical break-ins and is tamper-evident
- Virus/malware protection
“Protecting critical data has been the primary reason for deploying secure USB flash drives in enterprises and government agencies,” said Ken Jones, vice president of engineering and product management for IronKey. “BadUSB is a new kind of threat. Now more than ever secure flash drives are a necessity to protect your entire corporate infrastructure and even your home environment.”
IronKey’s GoodUSB Trade-Up Program is designed to help protect organizations from BadUSB now and from similar attacks in the future. With the IronKey GoodUSB Trade-Up Program, all IronKey USB devices on the IronKey eStore (http://store.ironkey.com) are now 15 percent off MSRP through September 15, 2014. For organizations in the Americas interested in volume purchase discounts, please call +1 888 435 7682 or email firstname.lastname@example.org. For International organizations, please call +44 (0) 7977 530 243 or email email@example.com.
About Imation Corp.
Imation is a global data storage and information security company. Our products and solutions help organizations and individuals store, manage and protect their digital content. Imation’s storage and security portfolio includes Nexsan™ high-density, archive and solid-state optimized unified hybrid storage solutions; IronKey mobile security solutions that address the needs of professionals for secure data transport and mobile workspaces; and consumer storage solutions, audio products and accessories sold under the Imation™, Memorex™ and TDK Life on Record™ brands. Imation reaches customers in more than 100 countries through a powerful global distribution network. For more information, visit www.imation.com.
Imation, the Imation logo, IronKey, the IronKey logo, Nexsan, and Memorex are trademarks of Imation Corp. and its subsidiaries. TDK Life on Record is used under a trademark license from TDK Corporation. All other trademarks are property of their respective owners.