Hardware encrypted and cloud encryption storage device vendor iStorage has garnered another nod from cybersecurity experts — this time for its ability to play a role in fighting ransomware and attacks on cryptocurrency wallets.
John Walker, visiting professor of science and technology at Nottingham Trent University, has written an expert-panel update in Information Security Buzz on the battle against ransomware where he singles out iStorage’s diskAshur DT and diskAshur Pro as effective solutions for protecting data at rest.
“The logical risks are now proving very difficult to keep up with, and pose a significant overhead on even those organisations who have technological resources,” Walker writes in the piece. “Valuable data assets should be stored offline.”
Use of secured drives with PIN-enabled access control lists such as the diskAshur DT desktop unit for SMEs and diskAshur Pro for everyday users from iStorage can keep data and information safe even when the drives are connected and switched on.
“It is not only ransomware which may implicate valuable end-user data objects,” notes Walker. “In August 2020 the Microsoft Security Intelligence Team reported on the Anubis malware agent which looks to seek out financial information assets, as well as those valuable cryptocurrency wallets which are open to access.”
However, as the Anubis malicious agent cannot follow an active, available logical path to the data objects the latter remain completely safe when such devices are used, he concludes. The final state of recovery would now be simply to reinstall the OS.
Yet without acting to prevent malware attacks of both these sorts, businesses — and national economies — run the risk of losing extraordinary amounts of money, he says, with data security or information breaches now happening “almost every day”.
“One example of such a ransomware application uncovered in 2020 was titled Ransom EXX and known to have infected the headquarters of the Japanese company Konica Minolta with devastating effect,” Walker said.
Ransomware attacks often arrive in a profile including such features as a precursor phishing communication, encouraging end users to click a presented malicious link or links, thereby infecting a system with the malware.
“With the criminal usually offering to re-enable access based upon a nominal payment of around $350 in the form of a ransom fee,” Walker writes.
“Big name companies have actually paid over said ransoms in hope that their data will be unlocked and restored. This not only potentially breaches any active Anti Money Laundering (AML) policies, but also the paying criminal organisation may be directing funds into a criminal and potentially terrorist-based organisation.”
Walker also discusses several case studies in the blog, which can be read in full here.
Managed security on the go
iStorage launched its first managed secure USB flash drive solution, datAshur BT, in late August. The new device can be authenticated using biometric credentials operable with personal devices such as a smartphone, tablet PC or Apple Watch.
Available in capacities from 4GB-128GB, the datAshur BT drive offers multi-factor user authentication to military standards via Bluetooth Low Energy (BLE) technology. A 7-15 character password will do, or biometrics including facial recognition, fingerprints or iris scanning, according to iStorage.
The FIPS-certified AES-XTS 256-bit hardware encryption can help organisations ensure compliance on the go with directives such as GDPR, HIPAA or Sarbanes-Oxley.