We use cookies to give you the best online experience. By using our website you agree to our use of cookies in accordance with our cookie policy.

croom new

Preferred Blog

Preferred has been serving the Tinley Park area since 1991, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

USB Software is Bad to the Bone, Literally

USB devices have long been a staple of the technology world, but are notoriously vulnerable to exploitation from hackers and malware. As malware grows more and more sophisticated, you can no longer trust simple antivirus scans to protect your business.

Unfortunately, it has less to do with what the USB carries than what it is made out of. Researchers Karston Nohl and Jakob Lell plan on presenting their findings which dictate that USB software is fundamentally broken; in other words, it's the software itself that is the problem, not what the devices themselves contain. Nohl and Lell created a type of malware called BadUSB, which when installed on a USB drive and can potentially compromise a computer, alter files installed with the drive without being detected, and mess with the user's Internet browsing.

Bad to the Bone
BadUSB lives up to its name due to how difficult it is to locate, especially post-exploitation. BadUSB lies within the firmware that controls the functions of USB devices, not in the flash memory storage of them. This lets the attack code remain undetected even after the device's storage has been deleted or scanned by antivirus software.

What's even worse is that this isn't a problem that can be fixed. The total compromise that BadUSB displays is impossible to counter completely (unless USB drives are banned altogether - something that is both inconvenient and frankly, not possible for most PC users). It's not as simple as patching software, as the vulnerability lies in rewriting the code within the device.

B-b-b-b-b-bad
Nohl and Lell aren't the first to point out these glaring vulnerabilities in USB firmware. While they could have easily copied the code into the USB device's memory, they spent month's reverse-engineering the controller chips, which is the part of the device that is responsible for communicating with the PC. Basically, the USB firmware's code can be reprogrammed to hide malicious code. This prevents even experienced IT technicians from detecting the code and scrubbing it, making it all but impossible to detect without reverse-engineering the code and discovering its presence.

B-b-b-b-b-bad
These days, anything with wires is considered a hindrance. The same is true for most technical devices, including wireless keyboards and mice. These utilize USB technology, and as such, they are vulnerable to being reprogrammed and exploited. Once BadUSB makes its way into the system, it can do all sorts of unpleasant things, including replacing software with malicious alternatives, impersonating a wireless keyboard, and hijacking Internet traffic. It can even spy on unsuspecting victims, too.

We're Here to Tell Ya Honey...
The only sure-fire way to keep yourself safe from USB devices is to not use them, but for most of us, that isn't an option. USB drives are too useful for moving data, and forget about not using a wireless mouse. The easiest solution is to not use USB devices that you don't trust or are unfamiliar with, but a long-term solution hasn't made itself available yet. As previously mentioned, the problem lies in the gadgetry of USB technology, and in order to "patch" the problem, USB technology would have to change.

This isn't a threat right now (at least as far as we know) since Nohl and Lell didn't create BadUSB maliciously. It's not spreading across the Internet or via USB devices, but instead they are proving that it could be a threat in the future. Eliminating USB devices from your life isn't feasible, but it does carry into your BYOD policy. You want to control what devices your employees are connecting to your network and workstations.

If you are concerned about the quality of your network's security, you should contact Preferred at 708-781-7110. We'll take steps to ensure that you are only allowing secure devices to access your network, and we'll equip you with an enterprise-level security solution to screen any foreign entities.

4 Benefits of Virtualizing Your Desktop
Use a Firewall Before You Get Burned
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Guest
Saturday, November 16 2024

Captcha Image

Sign Up for Our Newsletter

  • First Name *
  • Last Name *

      Mobile? Grab this Article!

      Qr Code

      Blog Archive

      Latest Blog Entry

      Financial management and accounting are two business needs that apply to all organizations of any size or industry. Fortunately, these organizations have access to tools like Intuit QuickBooks to help them fill these needs in a way that is accessible and convenient. Let’s re...

      Latest News

      Best Places to Work - 5 YEARS STRONG!!

      Preferred is once again, honored for being a Best Place to Work for the fifth straight year!  Our team is what makes Preferred a Best Place to Work.  

      Daily Herald Suburban Business 2024 Best Places to Work Honorees The Daily Herald Suburban Business has announced the names of 51 companies, in 5 categories of competition, that are honored as the 2024 Best Places to Work in Illinois. This statewide survey and awards program was designed to identify, recognize and honor the best places of employment in Illinois, benefiting the state's economy, its workforce and businesses.