­
Bad USB Defense Strategies - All Articles - CISO Platform

All Articles

Bad USB Defense Strategies

Posted by pritha on August 18, 2015 at 12:00am

What Is Bad USB?

The phenomenon of using the USB for malicious intent can be termed as Bad USB. USB Thumb Drives are the last considerations of malicious intent. However, if manipulated, they can takeover almost everything.

Some interesting demonstrations have been done at Black Hat conference by 2 highly regarded security researchers.

Listen To Karsten's Talk: Bad USB On Accessories That Turn Evil )

Possible Ways To Mitigate Bad USB Threats

  • Whitelisting USB devices
  • Block Critical Device Classes, Block USB Completely
  • Scan Peripheral Firmware For Malware
  • Use Code Signing For Firmware Updates
  • Disable Firmware Updates In Hardware

Limitations In Bad USB Mitigation Strategies

  • Whitelisting USB devices
    • Unique Serial No. may not be available in some USBs
    • Operating Systems don't support any USB Whitelisting
  • Block Critical Device Classes, Block USB Completely
    • Ease Of Use will override
    • USB usability is highly reduced if basic classes are blocked
      (Basic classes can be used for compromise)
  • Scan Peripheral Firmware For Malware
    • Very challenging, Malicious firmwares can spoof a legitimate one
  • Use Code Signing For Firmware Updates
    • Unauthorized updates still have a high chance eg. implementation error
    • Challenges in implementing secure cryptography on microcontrollers
    • Challenges in implementing for all devices
  • Disable Firmware Updates In Hardware
    • Most effective, however this may be available only for new devices

Threat

  • Present Security Solutions cannot detect malicious intent of USB
  • It can be used for spying,data theft,data tampering,almost anything-it can take control etc.
  • Security has to be built in before commercializing the product-no response yet on that!
  • Post Derbycon Hacker Conference 2 researchers have made some attack codes public-this puts millions of us at risk

( Read More: Top IT Security Conferences In The World )

 

References

1. Extracts have been taken from 'Bad USB On Accessories That Turn Evil' Talk by Karsten Nohl during Annual Summit, 2014. Click Here For Full Talk

2.http://securityaffairs.co/wordpress/27211/hacking/hackers-can-exploit-usb-devices-trigger-undetectable-attacks.html

3.http://www.wired.com/2014/10/code-published-for-unfixable-usb-attack/

4.http://www.zdnet.com/article/badusb-big-bad-usb-security-problems-ahead/

Views: 688
Tags: BadUSB, attack, bad, badusb, is, protection, usb, what
E-mail me when people leave their comments –
Follow
Posted by pritha

Community Head, CISO Platform

You need to be a member of CISO Platform to add comments!

Join CISO Platform

CISO Platform

A global community of 5K+ Senior IT Security executives and 40K+ subscribers with the vision of meaningful collaboration, knowledge, and intelligence sharing to fight the growing cyber security threats.

Join CISO Community Share Your Knowledge (Post A Blog)
 

 

 

City Round Table Meetup - Mumbai, Bangalore, Delhi, Chennai, Pune, Kolkata

Apr 15, 2025 at 8:00am to May 15, 2025 at 10:00am UTC+5.5
India
  • Description:
    CISO Playbook Round Table Overview : 
    Our round tables are designed to bring together top CISOs and IT leaders in intimate, focused sessions. These closed-door discussions will provide a platform to explore key security challenges and solutions. These sessions aim to create a focused, closed-door environment where 08-10 CISOs will dive deeply into the practicalities of implementing specific technologies.
    • Technology Implementation: From…
  • Created by: Biswajit Banerjee
  • Tags: ciso, playbook, round table

Multi-city Round Table

May 8, 2025 from 6:00pm to 9:00pm UTC+04
Dubai
  • Description:
    CISO Playbook Round Table Overview : 

    Our round tables are designed to bring together top CISOs and IT leaders in intimate, focused sessions. These closed-door discussions will provide a platform to explore key security challenges and solutions. These sessions aim to create a focused, closed-door environment where 08-10 CISOs will dive deeply into the practicalities of implementing specific technologies.
    • Technology…
  • Created by: Biswajit Banerjee