The System

Hunna is a high assurance ”washing machine” for USB memory devices (CD/DVD and USB memory sticks), designed to bridge air gaps between classified information systems. By ensuring that the first system that can be attacked is a separate device, an extra layer of protection is introduced, which significantly reduces the risk of malware infection of the receiving information system.

The Hunna system consists of two main components;

  • The Hunna anti-malware device
  • A central update server system

The Hunna unit contains several security features, including a white-list function to ensure that only certain file types can be transferred, as well as several anti-virus controls to reduce the risk of malware infection. In addition, it is possible to add custom security functions.

The information is copied from the source medium to the target medium (USB memory stick) after it has first checked the content for malware. This means that the USB stick to be used for transferring the information is of a type that is known. This also prevents against ”bad USB-attacks”, as it prevents the need to connect unknown USB memory sticks to the target information system.

A number  of anti-virus controls are run in parallell, controlling the contents of the memory stick, includng the boot-sector. If any of the internal controls detects malware or PUA, the file will not be approved for transfer, and will not be transferred to the target memory stick. Instead, these suspected files will be transferred to a third memory stick, the ”quarantine”, which provides the opportunity to be analysed separately.

Assurance levels

The Hunna system is designed and constructed to be used in information environments with the highest demands on security within Armed Forces environments. To ensure this, the system contains a large number of security features, where, for example, certain functions are builit in hardware instead of in software, which eliminates the risk that the unit in itself can be subjected to an attack. The system also guarantees that no sensitive information can, in any way, remain on the Hunna device.