What You need to Know about the USB Security Problems

USB Security Problems

Manufacturers of USB devices ship more than 3 billion devices around the world each year. The USB flash drives are used for data storage, transferring files, and backing up small amounts of data. When the first USB drives hit the market, they had a storage capacity of 64 to 128Mb of data. Today, manufactures have increased the storage capacity of these tiny devices, making them an ideal choice for consumers and businesses.

Many people plug their USB device into computers, televisions, car stereos, and mobile devices without thinking that these devices can be incredibly destructive. The USB device in order to operate correctly uses a firmware chip that controls the basic functions of the device. The drive’s firmware tells the device how to interact and communicate with your computer or other devices that have a USB port.

What the user doesn’t understand is that the firmware of any USB device is subject to attacks from BadUSB or USBdriveby malware. Once the USB device is plugged into any computer’s USB port the malware instantly attacks the computer’s USB port. The malware that has infected the firmware of the USB device is difficult to detect and can go unnoticed by the user.

What Is BadUSB?

BadUSB is a malware that attacks the USB device’s firmware. When the infected devices are plugged into any USB port the infected firmware can take over any computer. The infected firmware will be invisibly installed on your computer to redirect your internet requests or hijack your computer. The creator of the malware has complete control over your computer’s firewall and redirects your system to a DNS server that they control.

If the USB device is scanned with an antivirus or malware software, it is unable to detect the malware on the device. Normal virus detection software isn’t capable of scanning the USB firmware for malware infections.

The only way to detect an infected USB firmware is to debug the firmware code line by line to see where the malware was inserted. This is a difficult task for most experts and impossible for the average user to detect the infected firmware.

What Is USBdriveby?

USBdriveby is a remote device that a person attaches to your computer’s USB port. Once the device is attached, it gains access to your computer and take advantage of the flaws within the USB protocols. The device attached to the USB port pretends to be a USB mouse and keyboard.

The USBdriveby device immediately shuts down your computer’s security system. The software opens a backdoor to your computer for the hacker to gain access and disables your firewall. After installation the device is removed from your USB port and exits your system without leaving any traces behind. The only way to find the backdoor is to debug your computer’s operating system. Most users never find the backdoor this device has installed on their computer.

How Can You Protect Yourself Against BadUSB Or USBdriveby?

It is difficult to stop USBdriveby because the problem is in the USB architecture of the ports firmware on your computer. The only way to guard against this attack is to remove all your USB ports on your motherboard or computer tower. You basically have only one defense against this attack. You will need to guard your computer against anyone who has a microcontroller device that can attach to your computer’s USB ports.

However BadUSB can be controlled by taking defensive steps to guard your USB key. When using your USB mass storage device you need to pay attention to what computers into which you plug your device. If you feel the computer isn’t safe or could have a virus don’t attach your USB device. Furthermore, be suspicious of anyone wanting to plug their USB device into your computer. Their device could be infected with BadUSB and they want to gain control of your computer.

In Conclusion

USB devices pose a security threat to a company’s computer networks. You need to protect your network from USBdriveby and BadUSB malware threats by controlling the USB devices used in your company.

To learn more about the USBdriveby visit Tech Crunch and view the video by Sammy Kamkar. He has created a video demonstrating the abilities of the USB microcontroller and how fast it can infect your computer and open a backdoor.

Image: flickr.com

Recommended Posts | Data Loss Prevention

Data Loss Prevention Manual

Turning Your Safety On: A Data Loss Prevention Manual

Data Loss Prevention (DLP) is a collective system which detects and protects sensitive data by usage of advanced content analysis stemming from a single management console. Security should always be at the top most priority of any one because loss of private files could make or break a company ...
Effective Ways To Protect Intellectual Property

3 Effective Ways To Protect Intellectual Property

Security of intellectual property can only be as safe as our computing and storage devices. This asset has to be saved on digital storage devices. This is a definite challenge for the safeguarding of intangible property, as the majority of digital platforms are not the safest of places ...
Prevent Data Loss Using Different Drives

Prevent Data Loss Using Different Drives

Although data loss affects all computer users, it is a particular problem for those of us who use word processing software. It is the most frustrating thing in the world to lose documents of importance which you have spent a lot of time in creating, especially if you are the same as most computer ...
Data Recovery Guide

Data Recovery Guide: How To Do It?

With thunderstorms, power surges, viruses, natural disasters, human errors, and hackers the risks are almost always actual. To be in the safe side, you will want to back up your files and keep carrying it out on a regular basis. A software begins to behave funny as well as if you're employing PC ...