Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


12:44 PM
Dark Reading
Dark Reading
Products and Releases

SPYRUS Unveils Family Of USB Encryption Devices

Hydra Privacy Card safeguards against malicious attacks that spread malware through autorun files on peripheral USB drives

San Jose, CA - January 14, 2009 - SPYRUS, Inc. today announced the Hydra Privacy Card' (Hydra PC(tm)) family of USB encrypting devices is immune from USB autorun malware attacks. Hydra PC, which utilizes the most advanced security technology in the industry, protects critical information networks of the U.S. Department of Defense (US DoD) and other government agencies from malicious attacks that spread malware through autorun files on peripheral USB drives. No other USB drive provides the same level of protection.

The Hydra PC completely shields networks from such attacks. Hydra PC models are the only encrypting USB drives with military-grade Suite B cryptographic capabilities for file-by-file encryption, implementing world-class data integrity. They protect against malware by digitally signing every file and prohibiting autorun files from launching. Designed for FIPS 140-2 Level 3 security validation, Hydra PC devices implement the strongest hardware-based encryption technology commercially available to protect host computers, peripheral flash drives, and removable memory media. Many government agencies, including the US DoD, completely ban the use of USB flash drives on their networks because of the widespread threats from the "agent.btz" virus. This virus spreads when USB flash drives are moved from one computer to another. Military and other critical operations were so crippled by this virus that the President was briefed on the issue. Hydra PC virus and malware protection is impenetrable, because its filed-based encryption is inherently resistant to malware attacks and transporting malware.

In addition, its file-based encryption process hashes both the plaintext and encrypted (ciphertext) versions of each file during the encryption process. Both hashes are then validated in hardware to ensure file integrity in storage, whether the file is stored on the flash memory within the Hydra PC, externally on the computer's hard drive or on a file server. This unique sealing process protects against using data that is internally corrupted or was attacked by malware while encrypted.

The Hydra PC automatically detects and blocks any files corrupted in storage, whether by "bit-rot" media aging or by deliberate attempts to corrupt data. If a stored file is attacked or altered in any way, the user is notified and decryption is blocked.

The unique patented and patent-pending capabilities of the Hydra PC family completely protect enterprise and military mission-critical data from malware injected onto USB drives. Hydra PC is the only hardware device approved under the US DoD ESI/GSA SmartBUY Data At Rest (DAR) program for safe utilization within US DoD and civilian networks.

In recent attacks cited by the U.S. Department of Defense, USB drives were infected by malware. In the incident that received the most publicity, malware entered through autorun files that launched automatically when the drive was connected to the computer. Hydra PC Personal Encryption Device, Enterprise Edition, and Digital Attach models are integrated into the Windows Explorer Shell and prohibit autorun files from launching automatically. No file can be read from or written to any removable mass storage medium unless it is properly encrypted and validated during decryption.

Hydra PC also protects stored data against both malware and accidental modification of encrypted information, even when data is stored outside of the Hydra PC. Unlimited amounts of data can be protected with complete confidence. This protection is especially important for medical records and prescriptions, financial data, and other critical data in storage and in transit. This protection is unique among USB encryption drives.

All Hydra PC models include Hydra PC Sentry capabilities that block host PC access to removable mass storage devices, including USB and FireWire devices that use disk file systems. Hydra PC Sentry ensures that only Hydra PC encrypted files can be read or written to, prohibiting data transfers from other drives, such as camera memories and MP3 players.

"SPYRUS has delivered hundreds of thousands of portable hardware encryption products to the Department of Defense, federal and state governments, and enterprise customers over the past fifteen years," said Tom Dickens, Chief Operating Officer of SPYRUS. "Our customers have come to rely on our U.S. designed, developed, and manufactured security solutions. The Hydra PC immunity to USB autorun malware attacks is the latest example of how our high strength security implementations protect data."

About SPYRUS SPYRUS, Inc., a Microsoft Managed ISV Partner, has pioneered portable security products and solutions for the information security market since its inception in 1992. Our primary product lines of LYNKS Hardware Security Modules, Rosetta Series II smart cards and USB security devices, Hydra Privacy Card' Series II encryption and mass storage, Talisman/DS' Data Security Suite, and identity management products (Signal Identity Manager(tm) and SPYRUS PKI) meet customer needs for high-assurance security. Our mission is to set the standard for the new era of multinational information sharing and long-term data protection. SPYRUS, Inc. is headquartered in San Jose, CA. See www.spyrus.com for further information.

Comment  | 
Print  | 
More Insights
Oldest First  |  Newest First  |  Threaded View
7 Old IT Things Every New InfoSec Pro Should Know
Joan Goodchild, Staff Editor,  4/20/2021
Cloud-Native Businesses Struggle With Security
Robert Lemos, Contributing Writer,  5/6/2021
Defending Against Web Scraping Attacks
Rob Simon, Principal Security Consultant at TrustedSec,  5/7/2021
Register for Dark Reading Newsletters
White Papers
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2021-05-13
A Denial of Service due to Improper Input Validation vulnerability in the Management Console component of BlackBerry UEM version(s) 12.13.1 QF2 and earlier and 12.12.1a QF6 and earlier could allow an attacker to potentially to prevent any new user connections.
PUBLISHED: 2021-05-13
A Remote Code Execution vulnerability in the Management Console component of BlackBerry UEM version(s) 12.13.1 QF2 and earlier and 12.12.1a QF6 and earlier could allow an attacker to potentially cause the spreadsheet application to run commands on the victim’s local machine with t...
PUBLISHED: 2021-05-13
An Information Disclosure vulnerability in the Management Console component of BlackBerry UEM version(s) 12.13.1 QF2 and earlier and 12.12.1a QF6 and earlier could allow an attacker to potentially gain access to a victim's web history.
PUBLISHED: 2021-05-13
Specific versions of the MongoDB C# Driver may erroneously publish events containing authentication-related data to a command listener configured by an application. The published events may contain security-sensitive data when commands such as "saslStart", "saslContinue", "i...
PUBLISHED: 2021-05-13
SchedMD Slurm before 20.02.7 and 20.03.x through 20.11.x before 20.11.7 allows remote code execution as SlurmUser because use of a PrologSlurmctld or EpilogSlurmctld script leads to environment mishandling.