k_Street Consulting, LLC Blog
Malware BadUSB Challenges Our Dependency on USB Technology
Your office is likely full-to-bursting with devices utilizing USB technology. It's been a popular way to connect external devices to PCs since the 1.1 version was released in 1998. However, it may be the technology's popularity that will cause its downfall as hackers develop ways to use the device to their advantage.
A USB vulnerability was recently found by researchers Karston Nohl and Jakob Lell. They came to the conclusion that the USB software is fundamentally broken and can be exploited by hackers. This is a major find because they're saying that it's the firmware used in every USB device that is flawed, which is separate from the flash memory the device uses to do what it's designed to do.
To bring attention to this USB vulnerability, the two researchers created a malware called BadUSB. This malware has the potential to comprise an entire PC if it's installed on a USB drive. This malware can alter files, manipulate Internet browsing, and more--all without being detected! BadUSB is able to bypass detection measures from security protocols such as antivirus scans by embedding itself within the firmware that controls the functions of the USB device. Therefore, even if the device's flash memory storage were deleted, it wouldn't erase the BadUSB malware.
Essentially, once a device becomes infected with BadUSB, the malware is on there for good and it can't be fixed. A simple patch won't do the trick. The problem lies within the physical device itself and would take rewriting the code of the USB device. The malware changes the code for the controller chip--the chip responsible for the device-to-PC communication. Malware hidden in the device's firmware would be able to go undetected by even an experienced IT technician. If the code can't be detected, then it can't be scrubbed. The only way to find the malware would be to reverse-engineer the code--a major task.
If this malware were to be used by hackers and become widely distributed, then the only way to counter BadUSB would be to stop using USB devices altogether. All you have to do is take a quick look around your office at all of your USB devices to realize just how impossible of a preventive move this would be. Even the wireless devices like mouses and keyboards connect to PCs using a USB adaptor.
It would be next to impossible to stop using USB technology, but one thing you can do is be extra careful about what USB devices you allow to connect to your workstations and network. For example, only using new USB devices would be a safer move than allowing unchecked secondhand devices to plug into your company's workstations.
Since most mobile devices utilize USB technology, one of the best preventive measures you can take is to have a strong Bring Your Own Device policy. This includes having strict measures in place, like only allowing approved devices to access your company's network. You can even go as far as disabling open USB ports on workstations in order to prevent unnecessary access from infected devices.
k_Street Consulting, LLC can arm your business with some BadSolutions that will keep your business safe from malicious malware. Our strongest malware deterrent is our Unified Threat Management solution that offers your business comprehensive enterprise-level security for your entire network. Call us at (202) 640-2737 to learn more.
Comments