Kingston Datatraveler security flaws highlight need for highest levels of encryption says Origin Storage
December 2009 by Origin Storage
As Kingston Technologies has revealed several of its `secure’ USB drives can be hacked by a skilled cracker (http://bit.ly/5aTZ4z), Origin Storage says that the situation is a classic illustration of the increasing levels of hacker sophistication making lower level encryption technologies obsolete.
"Kingston has revealed that its DataTraveler BlackBox, as well as the Secure and Elite Privacy USB drives, can be hacked. Sales of the BlackBox are now on hold, which I think speaks volumes," said Andy Cordial, managing director with Origin Storage, the storage systems integration specialist.
"Although the Secure and Elite Privacy units are no longer on sale, there are a number of these secure USB drives in active use by public and private sector organisations - who’s going to tell them their supposedly secure drives are hackable?, he added.
According to Cordial, more than anything, this situation highlights the fact that Moore’s Law (http://bit.ly/sxUl) also applies to hacker technology, meaning that today’s secure encryption systems are tomorrow’s crackable technologies.
Put simply, he explained, any organisation considering a secure method of storing, transporting and/or sharing data should select only those systems that use the most powerful encryption technology – and preferably with an additional layer of protection, such as a PIN/password system, on top of the encryption.
Origin’s DataLocker products (http://bit.ly/2vb6y9), he says, are an example of such technology because, as well as featuring high levels of encryption, they also have brute force hacker defence technology as a standard feature.
"The days of selecting the cheapest secure USB drive and similar storage technologies are now long gone, as the Kingston situation clearly shows," he said.
"The better equipped secure storage devices freely available on the market today are highly secure against today’s - as well as well as tomorrow’s - hackers, making an investment in the technology something of a no-brainer, compared to the potential legal and reputational damage of sourcing a lower-cost, lower-spec solution," he added.