OPSWAT mobile hardware offers infrastructure security for the air gap

Infrastructure protection vendor OPSWAT has announced the availability of its new MetaDefender Kiosk K2100 hardware, designed to provide a mobile option for users who want the company’s media-scanning capabilities to work in the field.

OPSWAT’s MetaDefender line of kiosks is designed to address a potential security weakness for critical infrastructure defended by air gaps. In order to patch those systems, audit them, or move data among them, removable media like SD cards, USB sticks and sometimes even DVDs are used by field service personnel.

The vulnerability of the removable media is, therefore, a potential problem, according to OPSWAT vice president of products Pete Lund, not least in the sense that that media could be used to move sensitive information off of critical infrastructure.

“Oftentimes in OT [operational technology], you’ll have third-party contractors, and oftentimes they need to take data off of the machines,” he said. “What we can do is scan information coming in and coming out for PII, hostnames, anything that’s sensitive data … and sanitize files for that.”

The MetaDefender Kiosk line also scans files on removable media using up to 30 different antivirus protection applications, as well as checking through binaries and executables for vendor and version info, to determine whether they could introduce vulnerabilities into protected systems.

Moreover, MetaDefender uses content disarm and reconstruction technology to protect against zero-day attacks, Lund noted.

“So oftentimes, zero-days will include things that matches specific pattern, like you have a PDF or a Word document with something embedded into it,” he said. “And we … think about the use case of a contractor who goes to maybe a vendor website, downloads a PDF, but what if this is actually a watering hole website where that PDF has been weaponized?”

Hence, the CDR (content disarm and reconstruction) technology in the MetaDefender system is designed to rebuild a PDF or Word document to remove any code or macros that don’t need to be there.

Lund said that the target customers are mostly in the manufacturing, chemical processing, energy and oil industries — but that the system is applicable to any organization that has a geographically dispersed or outdoor component to their operations.

“The other side is folks doing digital evidence collection, so folks in either the armed forces or military who are picking up potential criminally used laptops, thumb drives, phones,” he said. “We have the ability to scan, ultimately, anything.”

The K2100 can be ordered from OPSWAT as of now, with shipments expected to start going out later in the first quarter. The product is available in either a perpetual model — where the hardware can be bought outright, with licensing fees for the AV engines and different capabilities — or as a subscription leasing model with an annual use fee.