What You need to Know about the USB Security Problems
Manufacturers of USB devices ship more than 3 billion devices around the world each year. The USB flash drives are used for data storage, transferring files, and backing up small amounts of data. When the first USB drives hit the market, they had a storage capacity of 64 to 128Mb of data. Today, manufactures have increased the storage capacity of these tiny devices, making them an ideal choice for consumers and businesses.
Many people plug their USB device into computers, televisions, car stereos, and mobile devices without thinking that these devices can be incredibly destructive. The USB device in order to operate correctly uses a firmware chip that controls the basic functions of the device. The drive’s firmware tells the device how to interact and communicate with your computer or other devices that have a USB port.
What the user doesn’t understand is that the firmware of any USB device is subject to attacks from BadUSB or USBdriveby malware. Once the USB device is plugged into any computer’s USB port the malware instantly attacks the computer’s USB port. The malware that has infected the firmware of the USB device is difficult to detect and can go unnoticed by the user.
What Is BadUSB?
BadUSB is a malware that attacks the USB device’s firmware. When the infected devices are plugged into any USB port the infected firmware can take over any computer. The infected firmware will be invisibly installed on your computer to redirect your internet requests or hijack your computer. The creator of the malware has complete control over your computer’s firewall and redirects your system to a DNS server that they control.
If the USB device is scanned with an antivirus or malware software, it is unable to detect the malware on the device. Normal virus detection software isn’t capable of scanning the USB firmware for malware infections.
The only way to detect an infected USB firmware is to debug the firmware code line by line to see where the malware was inserted. This is a difficult task for most experts and impossible for the average user to detect the infected firmware.
What Is USBdriveby?
USBdriveby is a remote device that a person attaches to your computer’s USB port. Once the device is attached, it gains access to your computer and take advantage of the flaws within the USB protocols. The device attached to the USB port pretends to be a USB mouse and keyboard.
The USBdriveby device immediately shuts down your computer’s security system. The software opens a backdoor to your computer for the hacker to gain access and disables your firewall. After installation the device is removed from your USB port and exits your system without leaving any traces behind. The only way to find the backdoor is to debug your computer’s operating system. Most users never find the backdoor this device has installed on their computer.
How Can You Protect Yourself Against BadUSB Or USBdriveby?
It is difficult to stop USBdriveby because the problem is in the USB architecture of the ports firmware on your computer. The only way to guard against this attack is to remove all your USB ports on your motherboard or computer tower. You basically have only one defense against this attack. You will need to guard your computer against anyone who has a microcontroller device that can attach to your computer’s USB ports.
However BadUSB can be controlled by taking defensive steps to guard your USB key. When using your USB mass storage device you need to pay attention to what computers into which you plug your device. If you feel the computer isn’t safe or could have a virus don’t attach your USB device. Furthermore, be suspicious of anyone wanting to plug their USB device into your computer. Their device could be infected with BadUSB and they want to gain control of your computer.
USB devices pose a security threat to a company’s computer networks. You need to protect your network from USBdriveby and BadUSB malware threats by controlling the USB devices used in your company.
To learn more about the USBdriveby visit Tech Crunch and view the video by Sammy Kamkar. He has created a video demonstrating the abilities of the USB microcontroller and how fast it can infect your computer and open a backdoor.