HOME     MENU     SEARCH     NEWSLETTER    
NEWS & INFORMATION FOR TECHNOLOGY PURCHASERS. UPDATED 13 MINUTES AGO.
You are here: Home / Enterprise I.T. / BadUSB Turns Thumb Drives Evil
Build Apps 5x Faster
For Half the Cost Enterprise Cloud Computing
On Force.com
BadUSB Exploit Turns Thumb Drives Dangerously Bad
BadUSB Exploit Turns Thumb Drives Dangerously Bad
By Jennifer LeClaire / NewsFactor Network Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
PUBLISHED:
AUGUST
04
2014

If you depend on a USB device to transfer files from one machine to another, you may want to start thinking about cloud storage. That’s because researchers have discovered a flaw in USB design specifications that could put your machines at risk.

According to SR Labs, a German security firm, the versatility of USBs are also their Achilles heel. Think about it for a minute. Almost any computer, from desktops to healthcare devices to storage, can connect using USBs.

“Since different device classes can plug into the same connectors, one type of device can turn into a more capable or malicious type without the user noticing,” SR Labs wrote in a blog post warning about what it is calling BadUSB. “To turn one device type into another, USB controller chips in peripherals need to be reprogrammed. Very widely spread USB controller chips, including those in thumb drives, have no protection from such reprogramming.”

The Really Bad News

Once reprogrammed, SR Labs warned, benign devices can turn malicious. The firm outlined three specific ways a good USB turns into a so-called BadUSB.

SR Labs warns a device can emulate a keyboard and issue commands on behalf of the logged-in user to enter files or install malware. In turn, the firm explains, such malware could infect the controller chips of other USB devices connected to the computer.

Alternatively, the device could also spoof a network card and change the computer’s DNS setting to redirect traffic. Or, the firm explained, a modified thumb drive or external hard disk can boot a small virus when it detects that the computer is starting up. That virus infects the computer’s operating system prior to boot.

If you think that’s bad news consider this: There’s no known defense. According to SR Labs, malware scanners can’t access the firmware running on USB devices. That, the firm continued, is because USB firewalls that block certain device classes do not exist. What’s more, behavioral detection is difficult because the behavior of a BadUSB device looks like a user has merely plugged in a new device.

And that’s not even the worst of it. SR Labs is also warning that clean up after an infection is a difficult task, in part, because reinstalling the operating system doesn’t address BadUSB infections at the root.

“The USB thumb drive, from which the operating system is reinstalled, may already be infected, as may the hardwired webcam or other USB components inside the computer,” the firm said. “A BadUSB device may even have replaced the computer’s BIOS -- again by emulating a keyboard and unlocking a hidden file on the USB thumb drive. Once infected, computers and their USB peripherals can never be trusted again.”

How To Protect Yourself

We turned to Paul Ducklin, a senior security advisor at Sophos, to get his take on BadUSB. He told us this has been a potential problem for years and the wheels aren't entirely coming off yet.

“The biggest risk right now with putting your USB into someone else's computer is that they could, if they wanted, scrape all the data off it -- including stuff you thought you'd deleted -- while displaying your PPT file for the duration of your lecture, or whatever, and you'd simply never know,” Ducklin said.

“So if you want a USB security bridge to cross before sweating over this new, BlackHat-friendly one, [then] data leakage protection -- and/or device encryption -- are your first friends to make,” he added.

Tell Us What You Think
Comment:

Name:

Like Us on FacebookFollow Us on Twitter
TOP STORIES NOW
MAY INTEREST YOU
UCS Invicta: Integrated Flash Why wait for the future? Unlock the potential of your applications and create new business opportunities today with UCS Invicta Series Solid State Systems. Take advantage of the power of flash technology. See how it can help accelerate IT, eliminate data center bottlenecks, and deliver the peak application performance and predictability your users demand. Click here to learn more.
MORE IN ENTERPRISE I.T.
Product Information and Resources for Technology You Can Use To Boost Your Business

ENTERPRISE HARDWARE SPOTLIGHT
Making a major change to its usually staid design philosophy, HP unveiled an all-in-one PC with built-in projector and surface-enabled touch, designed to make 3D scanning and printing easy.
© Copyright 2014 NewsFactor Network, Inc. All rights reserved. Member of Accuserve Ad Network.