Don’t Take Candy or USBs from Strangers – USB attacks are a serious threat

USB attacks cannot take place without human involvement because they rely on an individual (either knowingly or unknowingly) inserting a flash drive laced with malware into an unprotected device, typically located in a public place such as an office. Sometimes the drives are inserted out of curiosity, but they can also be plugged into a computer located nearby in a misguided act of helpfulness.

Researchers at the University of Illinois and University of Michigan found that a discarded USB stick has a nearly 50% chance of getting picked up by someone who will plug it into a computer to find out what’s on it.

The weaponizing of USB devices goes back to 2010. There are at least 29 different types of USB malware attacks that you can be hit with and they are not limited to storage devices. Any device with a USB port, including popular commodities like phone chargers, mice, keyboards and USB fans, can become a threat vector.

Some attacks involve the use of keyloggers – monitoring software designed to record the keystrokes made by a user and relay them to the attacker. Threat actors can use this tactic to steal credentials and financial information.

In this demonstration, Paula Januszkiewicz shows how a threat actor can use a USB attack to gain access to a computer and alter the bank details on invoices belonging to the user so that money intended for the victim goes to the attacker.

Educating those around you about the dangers of USB attacks and about device security in general will help protect them and you from digital malice. Even though nowadays Windows by default will not execute malicious code without a user’s interaction, USB devices can still be a serious threat: a USB device that presents itself as an HID device can act as a keyboard and mouse and start interacting with your system as soon as it is plugged in. Even a USB drive given to you by a trusted friend could have been infected with malware without their knowledge, so practice caution and use good quality antivirus software.
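A defender can check what a device actually enumerates as before trusting its label. The following is an added example, not part of the original article: it walks a raw USB descriptor blob and flags any HID interface on a device that is not supposed to be an input device. The function names, the verdict strings and the sample descriptors are constructed for illustration; the class codes (0x03 HID, 0x08 mass storage) are the standard USB-IF values.

```python
HID, MASS_STORAGE = 0x03, 0x08   # USB-IF interface class codes
DT_INTERFACE = 0x04              # descriptor type: interface

def interfaces(blob: bytes):
    """Walk raw USB descriptors; yield (class, subclass, protocol) per interface."""
    i = 0
    while i < len(blob):
        if i + 2 > len(blob) or blob[i] < 2 or i + blob[i] > len(blob):
            raise ValueError(f"malformed descriptor at offset {i}")
        length, dtype = blob[i], blob[i + 1]
        if dtype == DT_INTERFACE:
            if length < 9:
                raise ValueError(f"short interface descriptor at offset {i}")
            yield blob[i + 5], blob[i + 6], blob[i + 7]
        i += length

def assess(blob: bytes, expects_input_device: bool = False) -> str:
    """Compare what a device enumerates as with what it is supposed to be."""
    classes = {cls for cls, _, _ in interfaces(blob)}
    if HID in classes and MASS_STORAGE in classes:
        return "block: storage device that can also send input"
    if HID in classes and not expects_input_device:
        return "review: unexpected HID interface"
    return "ok"

# Constructed sample configuration descriptors (not captured from real devices).
FLASH_DRIVE = bytes.fromhex(          # one mass-storage interface, two endpoints
    "09 02 20 00 01 01 00 80 32" "09 04 00 00 02 08 06 50 00"
    "07 05 81 02 00 02 00" "07 05 02 02 00 02 00")
DRIVE_THAT_TYPES = bytes.fromhex(     # mass storage plus a HID keyboard interface
    "09 02 39 00 02 01 00 80 32" "09 04 00 00 02 08 06 50 00"
    "07 05 81 02 00 02 00" "07 05 02 02 00 02 00"
    "09 04 01 00 01 03 01 01 00" "09 21 11 01 00 01 22 3f 00"
    "07 05 83 03 08 00 0a")
HID_ONLY = bytes.fromhex(             # a single HID keyboard interface
    "09 02 22 00 01 01 00 a0 32" "09 04 00 00 01 03 01 01 00"
    "09 21 11 01 00 01 22 3f 00" "07 05 81 03 08 00 0a")

if __name__ == "__main__":
    for label, blob, is_input in (("flash drive", FLASH_DRIVE, False),
                                  ("'flash drive' with keyboard", DRIVE_THAT_TYPES, False),
                                  ("'USB fan'", HID_ONLY, False),
                                  ("known keyboard", HID_ONLY, True)):
        print(f"{label:30} {assess(blob, is_input)}")
```

On Linux the same bytes can be read from a device's `descriptors` attribute in sysfs; the block/review split here is an example policy, not a standard.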

If you have to get data from a suspicious USB drive, plug it into a buffer device first and scan it for malware. And finally, never plug in a USB drive or phone charger that you find in a parking lot.
