Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint

1/15/2009
12:44 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

SPYRUS Unveils Family Of USB Encryption Devices

Hydra Privacy Card safeguards against malicious attacks that spread malware through autorun files on peripheral USB drives

San Jose, CA - January 14, 2009 - SPYRUS, Inc. today announced the Hydra Privacy Card' (Hydra PC(tm)) family of USB encrypting devices is immune from USB autorun malware attacks. Hydra PC, which utilizes the most advanced security technology in the industry, protects critical information networks of the U.S. Department of Defense (US DoD) and other government agencies from malicious attacks that spread malware through autorun files on peripheral USB drives. No other USB drive provides the same level of protection.

The Hydra PC completely shields networks from such attacks. Hydra PC models are the only encrypting USB drives with military-grade Suite B cryptographic capabilities for file-by-file encryption, implementing world-class data integrity. They protect against malware by digitally signing every file and prohibiting autorun files from launching. Designed for FIPS 140-2 Level 3 security validation, Hydra PC devices implement the strongest hardware-based encryption technology commercially available to protect host computers, peripheral flash drives, and removable memory media. Many government agencies, including the US DoD, completely ban the use of USB flash drives on their networks because of the widespread threats from the "agent.btz" virus. This virus spreads when USB flash drives are moved from one computer to another. Military and other critical operations were so crippled by this virus that the President was briefed on the issue. Hydra PC virus and malware protection is impenetrable, because its filed-based encryption is inherently resistant to malware attacks and transporting malware.

In addition, its file-based encryption process hashes both the plaintext and encrypted (ciphertext) versions of each file during the encryption process. Both hashes are then validated in hardware to ensure file integrity in storage, whether the file is stored on the flash memory within the Hydra PC, externally on the computer's hard drive or on a file server. This unique sealing process protects against using data that is internally corrupted or was attacked by malware while encrypted.

The Hydra PC automatically detects and blocks any files corrupted in storage, whether by "bit-rot" media aging or by deliberate attempts to corrupt data. If a stored file is attacked or altered in any way, the user is notified and decryption is blocked.

The unique patented and patent-pending capabilities of the Hydra PC family completely protect enterprise and military mission-critical data from malware injected onto USB drives. Hydra PC is the only hardware device approved under the US DoD ESI/GSA SmartBUY Data At Rest (DAR) program for safe utilization within US DoD and civilian networks.

In recent attacks cited by the U.S. Department of Defense, USB drives were infected by malware. In the incident that received the most publicity, malware entered through autorun files that launched automatically when the drive was connected to the computer. Hydra PC Personal Encryption Device, Enterprise Edition, and Digital Attach models are integrated into the Windows Explorer Shell and prohibit autorun files from launching automatically. No file can be read from or written to any removable mass storage medium unless it is properly encrypted and validated during decryption.

Hydra PC also protects stored data against both malware and accidental modification of encrypted information, even when data is stored outside of the Hydra PC. Unlimited amounts of data can be protected with complete confidence. This protection is especially important for medical records and prescriptions, financial data, and other critical data in storage and in transit. This protection is unique among USB encryption drives.

All Hydra PC models include Hydra PC Sentry capabilities that block host PC access to removable mass storage devices, including USB and FireWire devices that use disk file systems. Hydra PC Sentry ensures that only Hydra PC encrypted files can be read or written to, prohibiting data transfers from other drives, such as camera memories and MP3 players.

"SPYRUS has delivered hundreds of thousands of portable hardware encryption products to the Department of Defense, federal and state governments, and enterprise customers over the past fifteen years," said Tom Dickens, Chief Operating Officer of SPYRUS. "Our customers have come to rely on our U.S. designed, developed, and manufactured security solutions. The Hydra PC immunity to USB autorun malware attacks is the latest example of how our high strength security implementations protect data."

About SPYRUS SPYRUS, Inc., a Microsoft Managed ISV Partner, has pioneered portable security products and solutions for the information security market since its inception in 1992. Our primary product lines of LYNKS Hardware Security Modules, Rosetta Series II smart cards and USB security devices, Hydra Privacy Card' Series II encryption and mass storage, Talisman/DS' Data Security Suite, and identity management products (Signal Identity Manager(tm) and SPYRUS PKI) meet customer needs for high-assurance security. Our mission is to set the standard for the new era of multinational information sharing and long-term data protection. SPYRUS, Inc. is headquartered in San Jose, CA. See www.spyrus.com for further information.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
News
Inside the Ransomware Campaigns Targeting Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/2/2021
Commentary
Beyond MITRE ATT&CK: The Case for a New Cyber Kill Chain
Rik Turner, Principal Analyst, Infrastructure Solutions, Omdia,  3/30/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-3460
PUBLISHED: 2021-04-13
The Motorola MH702x devices, prior to version 2.0.0.301, do not properly verify the server certificate during communication with the support server which could lead to the communication channel being accessible by an attacker.
CVE-2021-3462
PUBLISHED: 2021-04-13
A privilege escalation vulnerability in Lenovo Power Management Driver for Windows 10, prior to version 1.67.17.54, that could allow unauthorized access to the driver's device object.
CVE-2021-3463
PUBLISHED: 2021-04-13
A null pointer dereference vulnerability in Lenovo Power Management Driver for Windows 10, prior to version 1.67.17.54, that could cause systems to experience a blue screen error.
CVE-2021-3471
PUBLISHED: 2021-04-13
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
CVE-2021-3473
PUBLISHED: 2021-04-13
An internal product security audit of Lenovo XClarity Controller (XCC) discovered that the XCC configuration backup/restore password may be written to an internal XCC log buffer if Lenovo XClarity Administrator (LXCA) is used to perform the backup/restore. The backup/restore password typically exist...