USB = Threat

usb = threat cybersecurity

The Threat, Risks and Ultimate Impact – How Safe Are Devices Entering Your Network?

In our latest blog, hear from LoughTec’s Cyber Security Territory Manager Jonathan Adams on the danger of USB pens and portable media in general.

Thanks for taking the time to read my article. Today I am going to be talking about the problem that is malicious portable media devices (USB pens, CDs or even the good old floppy disk!).

Critical digital assets need to be isolated from external networks and because of this, portable media is a primary vector for cyberattacks. Portable media is often the only way to transport files to and from secure areas for multiple sectors, from Utilities to Government. However, the risks of portable media are clear:

  • Untrusted sources
  • Known and unknown file borne malware threats
  • Confidential data loss = non-compliance of GDPR
  • Backdoor access to isolated or air-gapped networks
  • Too many types of encrypted media.

Organisations may be forced to suspend their operations if a breach is serious enough, the cost of which can be millions of pounds per day.

Think how often contractors or even visitors bring files, via a USB pen, into your business to update or repair critical infrastructure machinery.

A USB pen containing malware being inserted into your network can have catastrophic results – I’m sure I don’t need to list recent disasters that unsecured/unsafe portable media devices have caused. Often, the contractor or visitor isn’t even aware their device contains malware, so can often be the unfortunate vehicle of a major cyber-attack that costs millions of pounds and more importantly, consumer confidence.

No alt text provided for this image

Organisations may be forced to suspend their operations if the breach is serious enough, the cost of which can be millions of pounds per day. In fact, the average downtime from a zero-day attack is 19 days. I’m sure we can do the math here. There are also the remediation costs, the forensics to assess the damage, as well as the removal of any malware that has found its way into the secure network. Depending on the breach, the loss of classified or sensitive information is also a possibility. The financial impact of which may be hard to quantify, even without saying the abbreviation beginning with ‘G’ that has resulted in organisations getting fines that would make anyone’s eyes water.

Solution To Unsafe Portable Media

LoughTec and our partner OPSWAT specialise in providing solutions to problems like this – before it makes the global news! We offer a product called the ‘MetaDefender Kiosk’, which uses our AV multiscanning technology (Merging 35 AV vendors such as Crowdstrike and McAfee into one platform) to detect 99.3% of the top malware threats. Also, data sanitisation (CDR) technology is used to remove any potentially threatening active content for true zero-day threat prevention, ensuring that all portable media devices entering your network are free from malware and prevent the aforementioned ransomware attacks.

Our Kiosk product can scan all types of portable media content, can be deployed in both networked and air-gapped environments and can be paired with other solutions to offer a true closed-loop solution, such as our ‘OPSWAT Client,’ which means that only scanned portable media devices can be inserted into your endpoints, otherwise they will be rejected.

Our Kiosks range from a smaller ‘monitor’ style product that can easily be housed within secure areas of your site – or my personal favourite, the larger robust ‘ATM-style’ kiosk, which quite literally acts as a digital (but hopefully less scary) security guard that can be housed at each visitor entrance to your site. For inaccessible remote sites, we also offer an option that allows you to deploy our Kiosk software on your own hardware, such as a laptop.

No alt text provided for this image

The beauty of the Kiosk is how easy it is to use (I know how busy Security professionals are, so you will be happy to hear this) as it can be set up and fully deployed in less than 15 minutes and can scan 1,800 files per minute. Visitors will not be waiting around at the entrance making small talk to the receptionist!

So simply put – our solution secures ALL portable media devices entering your network. The Kiosk product is currently used by some of the world’s largest organisations, such as Petrofac, Exelon and a leading global Pharmaceutical organisation.

If you wish to reach out and have a conversation on how to best secure portable media devices entering your organisation and to learn more about our Kiosk product (or again discuss Electric Vehicle’s or my R8), please feel free to DM me, email me on jonathan.adams@loughtec.com or call me on +44 (0) 2882 252445.

LoughTec: Watertight Cyber Security and IT Solutions