USB Devices – The Next Large Security Threat?

usb-device-blocking

Blackshades, Heart Bleed, IE exploits, the list goes on. Large security breaches are becoming more and more common unfortunately, and it is difficult to predict where the next one will come from.

A security firm in Germany believes the next one is from USB devices of all things. They’ve managed to create a proof of concept piece of software that they call BadUSB. I’ll admit it’s not the most creative name I’ve heard, but the German style has always been about efficiency which the name gets spot on. It’s a nasty piece of malware that can break your system in three different ways:

  • It can install malware on other USB devices connected to the computer
  • It can change your system’s DNS settings to redirect traffic.
  • It can infect your boot drive and render your computer inoperable.

The worst part?

It can’t even be found by today’s malware scanners, so once this thing is on a USB device you can’t get it off. The technical reason for this is that the malware hides in the firmware of the USB, the software that runs the device. Scanners cannot access the firmware running on the USB devices, and if they can’t access it then they find it. It’s as simple as that.

So what do you do?

Well in the long run USB makers will add security layers to their firmware, making it more difficult for something like BadUSB to exist. But that could be years away, and with the pressure to lower the cost of USB devices it seems unlikely that this security, which doesn’t even exist yet, will ever be added on some of the cheaper models.

One solution is to ban the use of USB devices in your business, but unfortunately that isn’t very practical. They’re incredibly useful, and have gained wide acceptance in the workplace. Open your desk drawer right now and there’s probably 3-5 USB devices right there. Take a look at your key chain you probably have 2-3 more hanging right there that you take everywhere.

The solution I’ve come up with is AccessPatrol. It’s an inexpensive storage device management system that allows you to protect company computers from alien USB devices.  With it you can allow, block, and set devices to read-only.  You can limit which storage devices have access to your company network, whether it’s by allowing set of company USB devices or by simply blocking all access.

This way harmful devices brought in from outside sources will automatically be blocked, thus stopping any threat from USB devices. Try it out today, its security software of the future, and it could just stop the next big security breach.

By: Mike Kachaniwsky

CurrentWare Admin
CurrentWare Admin
CurrentWare is the maker of BrowseControl web filter and BrowseReporter employee monitor software. We help businesses improve employees productivity and restrict Internet access.

Comments are closed.