I’m currently ensconced in the command chair in the Pleasure Dome (my office) drooling with desire, as opposed to my usual modus operandi which involves me simply sitting here drooling. I now know that I want an SSD drive that is “impossibly secure” — so secure, in fact, that it renders my precious data invisible on the basis that attackers cannot compromise what they cannot see.
The reason for my newfound desire for this incredible level of security — the term “Impossibly Secure” has been trademarked by the bodaciously brainy boffins at Cigent — is that I was just chatting with the company’s VP of Strategic Alliances, Tom Ricoy.
Before we waffle about the wonders of Cigent, however, let’s first set the scene. The way I have things set up, all of the data files stored on the desktop computer in my office are automatically backed up into the cloud in the form of my Dropbox account. As soon as I copy, create, delete, move, or make changes to a file, those changes are immediately reflected in the cloud.
Later, when I power up my notepad at home in the evening, any changes I’ve made during the day are automatically synchronized from the cloud to my notepad. And, of course, the same scenario plays out the other way — any changes I make to files on my notepad computer are automatically reflected up into the cloud and back down to my office machine.
I don’t know about you, but one of the things that terrifies me is the thought of some nefarious hacker sneakily slinking their slimy way into my computer system and corrupting, deleting, or encrypting my beloved files. I’m sure we are all familiar with the concept of ransomware, which is a type of malware that either threatens to publish the victim’s personal data or encrypt it and block access to it unless a ransom is paid (as if I would have the wherewithal to pay a ransom).
If such a virus infected my system and encrypted my files, the system would simply regard these as being modifications, so it would replace the files in the cloud with these newly encrypted versions. On the bright side of things, Dropbox provides a “Rewind” tool that allows you to take individual folders or your entire account back to a specific point in time. On the downside, whichever way you look at things, you are going to waste significant amounts of time and effort purging and rebuilding your system and restoring your files.
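The sync client cannot tell an encrypted rewrite from an ordinary edit, but a watcher sitting beside it can: ordinary edits leave a file’s byte entropy roughly where it was, while encryption pushes it towards 8 bits per byte, and ransomware does this to many files in a short burst. The following is an added example of that check (not code from the column, Dropbox, or Cigent); the sync events, documents and stand-in “ciphertext” are all constructed inline so it runs offline, and the thresholds are assumptions to be tuned.

```python
"""Spot a ransomware-style burst of encrypted rewrites in a synced folder.
Added example; the events, documents and 'ciphertext' below are constructed."""
import hashlib
import math
from collections import Counter
from dataclasses import dataclass


@dataclass
class SyncEvent:
    path: str
    t: float        # seconds, constructed timestamp of the sync client's change notice
    before: bytes   # content before the change (e.g. from the sync client's cache)
    after: bytes    # content after the change


def shannon_entropy(data: bytes) -> float:
    """Bits per byte: 0.0 for empty input, 8.0 for a uniform byte distribution."""
    if not data:
        return 0.0
    n = len(data)
    return -sum((c / n) * math.log2(c / n) for c in Counter(data).values())


def pseudo_ciphertext(seed: bytes, n: int) -> bytes:
    """Constructed stand-in for encrypted output: a SHA-256 chain, near 8 bits/byte."""
    out, block = bytearray(), seed
    while len(out) < n:
        block = hashlib.sha256(block).digest()
        out += block
    return bytes(out[:n])


def looks_encrypted(ev: SyncEvent, high: float = 7.0, jump: float = 2.0) -> bool:
    """An ordinary edit keeps entropy roughly stable; encryption drives it towards 8
    bits/byte. Requiring both a high absolute value and a jump from the previous
    version keeps already-compressed files (photos, archives) from being flagged."""
    after = shannon_entropy(ev.after)
    return after >= high and after - shannon_entropy(ev.before) >= jump


def detect_burst(events, window: float = 60.0, min_files: int = 5):
    """Alert when at least `min_files` distinct files look freshly encrypted within
    any `window`-second span. Returns (alert, sorted suspect paths)."""
    suspects = sorted((ev.t, ev.path) for ev in events if looks_encrypted(ev))
    for start, _ in suspects:
        paths = {p for t, p in suspects if start <= t < start + window}
        if len(paths) >= min_files:
            return True, sorted(paths)
    return False, []


# Constructed sample traffic: one normal edit, one photo re-saved, six documents rewritten.
_PROSE = ("I was just chatting with the company's VP of Strategic Alliances. " * 40).encode()
SAMPLE_EVENTS = [
    SyncEvent("column.docx", 0.0, _PROSE, _PROSE + b"Phew! My head hurts."),
    SyncEvent("holiday.jpg", 5.0,
              pseudo_ciphertext(b"jpg-v1", 4096), pseudo_ciphertext(b"jpg-v2", 4096)),
] + [
    SyncEvent(f"doc{i}.txt", 1000.0 + i, _PROSE, pseudo_ciphertext(f"doc{i}".encode(), 4096))
    for i in range(6)
]

if __name__ == "__main__":
    alert, paths = detect_burst(SAMPLE_EVENTS)
    print("ALERT" if alert else "ok", paths)
```

The photo is the deliberate edge case: it is high-entropy before and after, so the jump test keeps it off the suspect list, while the six documents that went from prose to noise within a few seconds trip the burst threshold. In practice this is the moment to pause the sync client, before the encrypted copies overwrite the good ones in the cloud.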
So, how do we set about protecting our precious data? Well, as we previously discussed in my Secure Your Data at Rest, Stupid! column, the first step in securing digital data is understanding that, at different times, it may exist in one of three distinct states. These states are data in transit (which may also be referred to as data in motion or data in flight), data in use, and data at rest. Data in transit is information that is flowing through a network, including private corporate networks and public networks such as the internet. Data in use refers to active data that is being accessed and manipulated by a software program and is stored in a non-persistent digital state, typically in the computer’s random-access memory (RAM) or in the caches and registers associated with the central processing unit (CPU). Last, but certainly not least, data at rest (DAR) refers to data that is physically housed in a storage device, like a hard disk drive (HDD) or a solid-state drive (SSD). (For the remainder of these discussions, we will focus on SSDs because that’s what most of us have these days, but much of what we are going to talk about is applicable to HDDs also.)
Most people focus on protecting their data in use and data in transit using tools like antivirus software and firewalls, but they oftentimes neglect data stored on a drive. If you don’t do anything to protect this data, then if someone were to walk off with your computer and boot it up, all of your files would be exposed. The same applies if some ne’er-do-well slips the drive out of your computer and carries it off to their lair. (We should note that professional hackers can bypass the username-password security combo used by your operating system (OS) without even pausing for breath.)
The next step up the security hierarchy is to use encryption. Here, we have two choices: we may choose to encrypt only our data files, or we may opt to encrypt the entire drive including the OS, where this latter case is referred to as full disk encryption (FDE).
If we decide to perform FDE, we again have two choices: implement it using software (SW) running on the host computer (SWFDE) or accomplish it using a hardware encryption engine (EE) that forms part of the drive (HWFDE). The EE automatically encrypts files as they are written to the drive, and it automatically decrypts the files as they are read from the drive. In addition to exposing a larger attack surface to hackers, SWFDE loads the host system. By comparison, in addition to offloading the host system, HWFDE provides a smaller attack surface to hackers.
A drive that performs HWFDE is known as a self-encrypting drive (SED). So, let’s assume we are using an SED and that we perform authorization acquisition (AA) — the process by which the user confirms his or her bona fides — prior to the OS booting up. In this case we say we are performing pre-boot authorization (PBA), which means no one can even boot the OS without providing the correct authorization. Following AA, the data encryption key (DEK) is released to the SED’s EE, which allows the OS to boot and the files to become visible to the user. Unfortunately, at this time, these files also become visible to anyone with a valid network connection to this machine, at which point they can be exfiltrated from under our very noses (can you spell “bummer”?).
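The key point in that flow is that the DEK never sits on the drive in the clear: it is stored wrapped under a key-encryption key (KEK) derived from the pre-boot credential, and authorization acquisition is what unwraps it into the encryption engine. The model below is an added illustration of that arrangement, not Cigent’s firmware or any vendor’s API. To keep it on the Python standard library it uses an HMAC-SHA256 counter-mode keystream with an HMAC tag in place of the AES-XTS engine a real SED uses, and PBKDF2 as a stand-in for the drive’s credential derivation; the drive class, its method names and the sample data are all assumptions.

```python
"""Model of pre-boot authorization releasing a DEK to a self-encrypting drive's
encryption engine. Added illustration, not Cigent's or any vendor's code: the
cipher is an HMAC-SHA256 counter-mode keystream plus HMAC tag (stdlib only);
a real SED uses AES-XTS in hardware."""
import hashlib
import hmac
import secrets


def derive_kek(passphrase: str, salt: bytes) -> bytes:
    """Key-encryption key from the pre-boot credential (PBKDF2 here is illustrative)."""
    return hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, 100_000, dklen=32)


def _subkey(key: bytes, label: bytes) -> bytes:
    return hmac.new(key, label, hashlib.sha256).digest()


def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    out, counter = bytearray(), 0
    while len(out) < n:
        out += hmac.new(key, nonce + counter.to_bytes(8, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:n])


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC: nonce || ciphertext || tag."""
    nonce = secrets.token_bytes(16)
    stream = _keystream(_subkey(key, b"enc"), nonce, len(plaintext))
    ciphertext = bytes(p ^ s for p, s in zip(plaintext, stream))
    tag = hmac.new(_subkey(key, b"mac"), nonce + ciphertext, hashlib.sha256).digest()
    return nonce + ciphertext + tag


def unseal(key: bytes, blob: bytes):
    """Plaintext, or None if the key is wrong or the blob was tampered with."""
    nonce, ciphertext, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(_subkey(key, b"mac"), nonce + ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    stream = _keystream(_subkey(key, b"enc"), nonce, len(ciphertext))
    return bytes(c ^ s for c, s in zip(ciphertext, stream))


class SelfEncryptingDrive:
    """Hypothetical SED: only the wrapped DEK and ciphertext are ever persisted."""

    def __init__(self, passphrase: str):
        self.salt = secrets.token_bytes(16)
        dek = secrets.token_bytes(32)                 # generated on the drive, never exported
        self.wrapped_dek = seal(derive_kek(passphrase, self.salt), dek)
        self._dek = dek                               # EE unlocked while we provision
        self.media = {}                               # filename -> ciphertext ("the NAND")

    def lock(self):
        """Power-off or lock: the EE forgets the DEK; only the wrapped copy remains."""
        self._dek = None

    def pre_boot_authorize(self, passphrase: str) -> bool:
        """Authorization acquisition: a correct credential unwraps the DEK into the EE."""
        if self.wrapped_dek is None:                  # crypto-erased: nothing to unwrap
            return False
        dek = unseal(derive_kek(passphrase, self.salt), self.wrapped_dek)
        if dek is None:
            return False
        self._dek = dek
        return True

    def _engine(self) -> bytes:
        if self._dek is None:
            raise PermissionError("drive locked: DEK not released to the encryption engine")
        return self._dek

    def write(self, name: str, data: bytes):
        self.media[name] = seal(self._engine(), data)

    def read(self, name: str) -> bytes:
        return unseal(self._engine(), self.media[name])

    def change_passphrase(self, old: str, new: str) -> bool:
        """Re-wrap the DEK under a new KEK; the data on the media is not rewritten."""
        dek = unseal(derive_kek(old, self.salt), self.wrapped_dek) if self.wrapped_dek else None
        if dek is None:
            return False
        self.salt = secrets.token_bytes(16)
        self.wrapped_dek = seal(derive_kek(new, self.salt), dek)
        return True

    def crypto_erase(self):
        """Discard the wrapped DEK: every byte on the media becomes unrecoverable."""
        self.wrapped_dek = None
        self._dek = None
```

Two properties fall out of the split between KEK and DEK: changing the credential re-wraps a 32-byte key instead of re-encrypting the whole drive, and a crypto-erase needs only to destroy the wrapped DEK, which is why a drive can wipe itself in an instant. The model also shows the limit the column goes on to describe: once `pre_boot_authorize` has succeeded, `read` answers anyone who can call it, so the drive alone does nothing about a user or process that is already on the booted machine.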
Another thing to consider if you are an information technology (IT) manager and/or security officer for a large organization is that you typically have no idea who has accessed which files on what drives. Yes, of course the OS keeps access logs of this sort of thing. Unfortunately, sophisticated hackers can sanitize these logs and make it look as if they were never there.
All of which brings us back to the clever chaps and chapesses at Cigent. Right from the get-go, Cigent is an interesting company. One of its co-founders, John Benkert, spent 20 years in the United States Air Force (USAF) Intelligence Service and seven years in the National Security Agency (NSA). Funded by the intelligence community, John formed a team of experts in storage, data forensics, and cyber security, resulting in the most secure data security solution available, and it’s this solution that I’m about to discuss.
Now, there’s a mindboggling cornucopia of cunning capabilities here, so I will present only a few tempting tasters with which to tickle your fancy. If, after reading what I am about to tell you, you wish to know more, then the guys and gals at Cigent are quivering in anticipation, ready and willing to expound, explicate, and elucidate in excruciating detail.
Purely for the sake of argument, let’s assume you have a 1TB drive. If you are using Cigent’s solution, you can set this up so that when you (or anyone else) boot up the system, you see only the half of the drive containing the operating system and any unimportant data files you decide to maintain there (possibly as red herrings). All of your important data files are completely invisible and unreadable using any techniques currently known to humankind, thereby protecting them from all forms of physical and remote attack. It’s only the fact that you know these files exist that allows you to cause them to become visible.
Have you heard of the Zero Trust (ZT) security model, whose motto is “never trust, always verify”? This means that any devices like computers should not be trusted by default, even if they are connected to a managed corporate network such as the corporate LAN, and even if they have been verified previously. Taking this one step further, Cigent’s software and hardware solutions support ZT file access in the form of file access controls that allow only the trusted user to access files on an individual basis using multi-factor authentication (MFA).
As a simple example, every time you attempt to open a file, you could be prompted to provide authentication by means of a PIN, an authenticator app on your smartphone, your fingerprint, facial recognition, a CAC card… the list goes on. Although this might seem to be unduly onerous, that sort of depends on how much you value your data. As fate would have it, there’s a glitch in my office computer’s OS that requires me to re-enter my account name every time I try to launch a Microsoft Office application. This was a complete pain in the nether regions when it first started a couple of months ago, but now I don’t even think about it.
The bottom line is that I can easily envisage a situation where the MFA was provided by a webcam sitting on my monitor coupled with facial recognition software running on my machine. Alternatively, if I had a contactless hand biometric scanner from nVIAsoft, all I would have to do would be to wave my hand over a scanner plugged into a USB port to grant the required access (see Contactless Hand Biometric for ID Security). But we digress… the bottom line is that using this ZT capability from Cigent defeats both zero-day ransomware and theft of in-use data.
Do you remember earlier when I said that sophisticated hackers can sanitize the OS logs, including any file accesses, thereby making it look as if they were never there? Well, a key feature of Cigent-powered drives is that they automatically maintain their own access logs that are securely stored internally in an area that can be neither seen nor wiped by an adversary. These logs may subsequently be used for forensic investigations, incident response, non-repudiation, and — possibly — litigation.
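What makes a drive-held log worth more than the OS log is not only that the adversary cannot reach it, but that the drive can prove it has not been edited. The example below is an added illustration of the usual way to get that property, not a description of Cigent’s design: each entry is HMAC-chained to the previous one under a key that, in this model, never leaves the drive, and the drive keeps the chain head so that trimming entries off the end is caught as well as editing or deleting one in the middle. The class, the key and the sample events are all constructed for the example.

```python
"""Tamper-evident access log of the kind a drive could keep in firmware-owned storage.
Added illustration, not Cigent's design: entries are HMAC-chained under a key that
never leaves the drive, and the drive also keeps the chain head."""
import hashlib
import hmac
import json

GENESIS = "0" * 64


class DriveAccessLog:
    def __init__(self, drive_key: bytes):
        self._key = drive_key        # firmware-internal secret; the host never sees it
        self.entries = []            # the host-visible, read-only view of the log
        self._head = GENESIS         # chain head, also kept in firmware-owned storage

    def _mac(self, seq: int, event: dict, prev: str) -> str:
        body = json.dumps({"seq": seq, "event": event, "prev": prev}, sort_keys=True)
        return hmac.new(self._key, body.encode(), hashlib.sha256).hexdigest()

    def append(self, event: dict) -> dict:
        """Record an access; only the drive, holding the key, can produce a valid MAC."""
        seq = len(self.entries)
        entry = {"seq": seq, "event": event, "prev": self._head,
                 "mac": self._mac(seq, event, self._head)}
        self.entries.append(entry)
        self._head = entry["mac"]
        return entry

    def verify(self, entries=None):
        """Check a (possibly host-modified) copy of the log against the drive's key and
        head. Returns (True, -1) when intact; otherwise (False, i) where i is the first
        bad entry, or len(entries) when the chain is consistent but entries were
        trimmed from the end so it no longer reaches the drive's head."""
        entries = self.entries if entries is None else entries
        prev = GENESIS
        for i, e in enumerate(entries):
            if (e["seq"] != i or e["prev"] != prev
                    or not hmac.compare_digest(self._mac(i, e["event"], prev), e["mac"])):
                return False, i
            prev = e["mac"]
        if prev != self._head:
            return False, len(entries)
        return True, -1


if __name__ == "__main__":
    # Constructed events: a drive-internal key and three file accesses.
    log = DriveAccessLog(b"constructed-drive-internal-key")
    log.append({"user": "max", "op": "read", "file": "column.docx"})
    log.append({"user": "intruder", "op": "read", "file": "payroll.xlsx"})
    print("intact:", log.verify())
    print("last entry removed:", log.verify(log.entries[:1]))
```

A plain hash chain without the stored head would pass the truncated log as genuine, which is the caveat to check for in any “append-only” audit design: the verifier needs a trusted statement of how long the log is supposed to be, and keeping it inside the drive is exactly what puts it beyond an intruder who has taken over the host.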
But wait, there’s more… Earlier, we discussed the case where we have a 1TB SED that appears to be only a 500GB drive when it’s powered up because any data is invisible. Now suppose that we have a 2TB SED that initially appears to be a 1TB device (that itself initially appears to be a 500GB drive). Where am I going with this? Well, what if, under my mild-mannered exterior, I was really agent 007½ of Her Majesty’s Secret Service? If I happened to be returning from an innocent vacation in Russia, and if I were to be apprehended at customs by the FSS (Federal Security Service), which is the main successor agency to the Soviet Union’s KGB (Komitet Gosudarstvennoy Bezopasnosti), and if they decided to power up my laptop computer, all they would see would be an innocent machine running a typical OS and carrying boring files of a spotless nature. There would be no indication that only a portion of the drive was visible. Similarly, who would guess that the drive itself was equipped with accelerometers that could detect a predefined finger-tapping pattern causing it to switch to its Secret Squirrel partition with its own OS and file system? (Another finger-tapping pattern could cause the drive to crypto-erase itself, even if the laptop wasn’t powered up.)
Last, but certainly not least, the firmware running on a Cigent-powered drive boasts a “keep alive heartbeat” function that ensures Cigent’s code is always running. If an attacker somehow manages to disable Cigent’s firmware, any in-use data is immediately made invisible, thereby protecting against adversaries who manage to disable endpoint security software.
Phew! My head hurts just thinking about all of this, and we’ve really only scratched the surface of Cigent’s capabilities. All I know is that I desperately want to equip my own computers with Cigent-powered drives. How about you? Are you involved in securing your organization’s data, or do you know someone who is, or do you just want to ensure your own data is safe from prying eyes? If so, you really should be talking to the folks at Cigent to learn more.