So it turns out all those warnings about malicious files on an infected USB sticks were a little more than just true. Security researchers have been warning us about them since forever.
But it was only recently that they realized that the threat was far more dangerous than what they thought earlier, its widespread, virtually undetectable and takes much more than installing a simple antivirus software. Researchers from Berlin using reverse-engineering techniques on the software files that control the functioning of the USB drive’s software revealed that a PC can be completely controlled by reprogramming this so-called firmware. A firmware is actually software program that is programmed onto a hardware device and determines the communication process with other devices including computers. Unless it is updated by a ‘firmware updater’, it remains unchanged or “semi-permanent”.
Updates for each firmware are installed onto the device the first time it is used or during an update so it works on a new operating system. Manufacturers often update firmware in order to enhance the performance of devices. These alterations are made at a focal level before being implemented on to individual devices as well. The problem was discovered by Jakob Lell and Karsten Nohl at Security Research Labs and has been labelled in the industry as BadUSB. It not only harms the thumb-connected drives and external hard drives but also any device connected to the PC through the USB port. This includes keyboards, mouse, phones, tablets or any device that we connect with it via the USB port.
The USB interface standard took over the electronic industry in the past two decades owing to its versatility. Nearly any computer peripheral can be connect this way, be it storage gadget or input gadgets or healthcare devices.
This versatility is also a problem because since different devices can be plugged in via the same connectors, one device can be a major source for malicious files without getting the user’s attention. Hackers could gain access to a PC easily by reprogramming the central firmware of the USB with malicious code which is then transferred to individual devices connected to it afterwards. The hackers realized that they could use BadUSB to communicate their own commands on behalf of the user such as installing files, or emulating a keyboard or installing malware. This malware would then start a chain of infecting other USB port devices.
The device can also alter a network card’s programming and can have computer’s settings to be changed such that web traffic is redirected to some sites without any user command. According to Mr Nohl and Mr Lell, there are no effective defences from USB attacks as of yet because USB firewalls that would be able to block certain types of devices from connecting have not yet been invented and malware scanners cannot gain access to the firmware running on the connected USB devices.
Moreover, behavioural detection is even more difficult, because BadUSB functions in a way so as to seem that the user has simply plugged in another device to the PC. Research in this area is to be presented at the Black Hat security conference in Las Vegas soon.
‘USB has become so commonplace that we rarely worry about its security implications,’ they further continued. ‘USB sticks undergo the occasional virus scan, but we consider USB to be otherwise perfectly safe – until now. We demonstrate a full system compromise from USB and a self-replicating USB virus not detectable with current defences.’
Unfortunately, even under the current research and advancements, there is very little a user can do to save his devices from this menace.
The best course of action, however, according to researchers is to use 100% trustworthy USB devices, about which the user knows that they have not been connected to any other device to undergo the risk of compromise.
Hey there Twitter works fine but your website is running steadily which actually had taken close
to one minute to be able to load up, I’m not sure whether it is my own issue or your website problem.
Around the other hand I appreciate you for submitting excellent articles.
Everyone who actually discovered this site really should
have found this content totally useful. This is terrific everything that you actually
have concluded here and would like to discover nice posts from your
site. I already have your site saved to bookmarks to see new
stuff you post.
Hey there! Your site is running slow for my situation, this kind of consumed sort of a minute or two to actually reload,
I dont know if it’s just simply me or maybe your websites on the other hand google loaded fine for me.
Around the other hand thanks for putting up brilliant article.
I’m guessing it has become helpful to a lot of people who came at this point.
This is definitely terrific everything that you have concluded in this article and
would like to check out even more content by you. After looking at the article, I have book
marked your web site.