Flash drives make transferring and sharing files a convenient process for corporate offices, information technology (IT) departments, and operational technology (OT) environments. Unfortunately, it also makes it easier for cybercriminals to access sensitive data and install ransomware on a computer system. There are many issues that can arise when someone plugs a flash drive into a network, but some are more lethal than others. As technology develops, so does the complexity of a cyberattack, and ultimately the need for secure storage media rises.
Security Gaps in All Tech Environments
A report from Fortinet found that 77 percent of organizations with OT networks have experienced an IT security incident in the past year. The same report stated that 78% of networks only have partial centralized visibility of their OT security. Incidents of security breaches have been prevalent in all industries such as the University of Texas MD Anderson Cancer Center, who was charged over $4 million in HIPAA fines for an incident involving the loss of two unencrypted USBs.
An unencrypted USB can easily become lost or stolen and when this happens, there is no way to track the device or protect the files on it. That is when a company loses sensitive information; simply because there were no proper security measures in place. There is also a risk when people use their own USB flash drives for corporate files rather than company-issued devices.
24% of data breaches are caused by human error. A storage solution without encryption and the continued risks of a BYOD policy put corporate entities at risk. With these security threats, OT and IT networks will continue to have data security breaches and leak information to unauthorized parties.
Ransomware and Malware on the Go
In 2019, a Norwegian aluminum manufacturer called Norsk Hydro lost over $40 million following a ransomware attack. Another incident occurred during the same week where a woman was arrested by the Secret Service after entering a Mar-a-Lago Resort owned by President Trump with a USB that contained malware. The portability and inconspicuousness of the device are factors that are a part of the downfall of using a USB.
A flash drive can be plugged into any computer and malware can be installed on an entire computer system in a matter of seconds. The alarming part of the incident at Mar-a-Lago was that the Secret Service agent simply plugged the USB into a computer to find that it contained malware without even testing it first. The lack of security controls on this type of media opens all industries up to ransomware and other cyberattacks if they don’t change their data storage and transfer operations.
Solving the USB Security Crisis
The convenience factors we have mentioned earlier support the continued use of flash drives in business models. If corporate entities like healthcare facilities, financial institutions, and remote workers plan to continue to store sensitive information on these devices, they need to use media with more layers of security.
The SecureUSBs are hardware encrypted flash drives with unique authentication methods. On the KP model, a user enters their complex PIN via the onboard and wear-resistant keypad. The BT model allows a user to unlock the device using an app on their mobile device. They can even use biometrics such as fingerprints and facial recognition to authenticate.
The drives themselves have built-in antivirus to prevent malicious software and files from being transferred to or from the device, thus eliminating the threat of ransomware corrupting crucial information. Both USBs also have brute force anti-hacking technology to wipe the drive after 10 consecutive failed PIN entries; protecting your data if the device is lost or stolen.