Blackshades, Heart Bleed, IE exploits, the list goes on. Large security breaches are becoming more and more common unfortunately, and it is difficult to predict where the next one will come from.
A security firm in Germany believes the next one is from USB devices of all things. They’ve managed to create a proof of concept piece of software that they call BadUSB. I’ll admit it’s not the most creative name I’ve heard, but the German style has always been about efficiency which the name gets spot on. It’s a nasty piece of malware that can break your system in three different ways:
The worst part?
It can’t even be found by today’s malware scanners, so once this thing is on a USB device you can’t get it off. The technical reason for this is that the malware hides in the firmware of the USB, the software that runs the device. Scanners cannot access the firmware running on the USB devices, and if they can’t access it then they find it. It’s as simple as that.
So what do you do?
Well in the long run USB makers will add security layers to their firmware, making it more difficult for something like BadUSB to exist. But that could be years away, and with the pressure to lower the cost of USB devices it seems unlikely that this security, which doesn’t even exist yet, will ever be added on some of the cheaper models.
One solution is to ban the use of USB devices in your business, but unfortunately that isn’t very practical. They’re incredibly useful, and have gained wide acceptance in the workplace. Open your desk drawer right now and there’s probably 3-5 USB devices right there. Take a look at your key chain you probably have 2-3 more hanging right there that you take everywhere.
The solution I’ve come up with is AccessPatrol. It’s an inexpensive device control software that allows you to protect company computers from USB devices. With it, you can allow, block, and set devices to read-only. You can limit which storage devices have access to your company network, whether it’s by allowing set of company USB devices or by simply blocking all USB device access.
This way harmful devices brought in from outside sources will automatically be blocked, thus stopping any threat from USB devices. Try it out today, its security software of the future, and it could just stop the next big security breach.
By: Mike Kachaniwsky
Get started today—Download the FREE template and customize it to fit the needs of your organization.
Fill out the form to sign up for Catching Up With CurrentWare, a monthly newsletter with our latest articles, resources, and news.
| Thank you for Signing Up |
Download this FREE removable media policy template to help protect the sensitive data in your custody.
👉 Set data security standards for portable storage
👉 Define the acceptable use of removable media
👉 Inform your users about their security responsibilities
Cookie | Duration | Description |
---|---|---|
cookielawinfo-checkbox-analytics | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics". |
cookielawinfo-checkbox-functional | 11 months | The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional". |
cookielawinfo-checkbox-necessary | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary". |
cookielawinfo-checkbox-others | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other. |
cookielawinfo-checkbox-performance | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance". |
viewed_cookie_policy | 11 months | The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data. |