What Is Bad USB?

The phenomenon of using the USB for malicious intent can be termed as Bad USB. USB Thumb Drives are the last considerations of malicious intent. However, if manipulated, they can takeover almost everything.

Some interesting demonstrations have been done at Black Hat conference by 2 highly regarded security researchers.

Listen To Karsten's Talk: Bad USB On Accessories That Turn Evil )

Possible Ways To Mitigate Bad USB Threats

  • Whitelisting USB devices
  • Block Critical Device Classes, Block USB Completely
  • Scan Peripheral Firmware For Malware
  • Use Code Signing For Firmware Updates
  • Disable Firmware Updates In Hardware

Limitations In Bad USB Mitigation Strategies

  • Whitelisting USB devices
    • Unique Serial No. may not be available in some USBs
    • Operating Systems don't support any USB Whitelisting
  • Block Critical Device Classes, Block USB Completely
    • Ease Of Use will override
    • USB usability is highly reduced if basic classes are blocked
      (Basic classes can be used for compromise)
  • Scan Peripheral Firmware For Malware
    • Very challenging, Malicious firmwares can spoof a legitimate one
  • Use Code Signing For Firmware Updates
    • Unauthorized updates still have a high chance eg. implementation error
    • Challenges in implementing secure cryptography on microcontrollers
    • Challenges in implementing for all devices
  • Disable Firmware Updates In Hardware
    • Most effective, however this may be available only for new devices

Threat

  • Present Security Solutions cannot detect malicious intent of USB
  • It can be used for spying,data theft,data tampering,almost anything-it can take control etc.
  • Security has to be built in before commercializing the product-no response yet on that!
  • Post Derbycon Hacker Conference 2 researchers have made some attack codes public-this puts millions of us at risk

( Read More: Top IT Security Conferences In The World )

 

References

1. Extracts have been taken from 'Bad USB On Accessories That Turn Evil' Talk by Karsten Nohl during Annual Summit, 2014. Click Here For Full Talk

2.http://securityaffairs.co/wordpress/27211/hacking/hackers-can-explo...

3.http://www.wired.com/2014/10/code-published-for-unfixable-usb-attack/

4.http://www.zdnet.com/article/badusb-big-bad-usb-security-problems-a...

Views: 984

Join the Discussion ...

You need to be a member of CISO Platform to join the discussion!

Join CISO Platform

© 2019   Created by CISO Platform.   Powered by

Badges  |  Report an Issue  |  Privacy Policy  |  Terms of Service