The Dark Side of USB: How Hackers Can Use Them Against You

 
 

USB drives are affordable and convenient, but that makes them attractive targets for hackers. Here’s how to avoid getting scammed by these portable storage devices.

In the age of email-based intrusions, it's easy to forget that hackers can also get into systems large and small through physical components, especially USB drives.

A study by Honeywell Forge found that 79% of USB cyberattacks had the potential to interfere with operational technologies, such as the regular operations of an industrial facility, and 51% of them have remote access capabilities. It isn't only large industries that should take precautions against these risks, though; everyday people should do the same. In this article, we'll define USB attacks and discuss how to protect yourself against them.


What is a USB attack?

A USB attack essentially does what it says on the tin: it uses a USB-connected device, like a thumb drive or hard drive, to get malicious software onto a computer or another USB-connected device, like a smartphone. Malicious USB devices can also be used to damage or destroy a computer by delivering an electrical charge.

One of the most alarming features of USB attacks is their ability to give hackers remote control of a device. For instance, the 2010 Stuxnet attack notoriously infected Iranian nuclear development sites. The same types of breaches could be used to compromise facilities tied to the electricity grid, the oil industry, and other Internet of Things networks.

There are numerous ways a cyberattacker could use a USB device to install an exploit on your computer. The two most popular are thumb drives and public USB charging stations, the latter a practice known as "juice jacking."

Depending on what they do after they are attached to your device, USB device attacks can be divided into three main groups. In the first group, devices with reprogrammed internal microcontrollers look like conventional thumb drives but perform a different function when plugged in, such as behaving like a keyboard and typing specific keystrokes. The Rubber Ducky attack is one illustration.

In the second group, a USB device's internal firmware is reprogrammed so that, when the device is attached, it automatically performs a certain action, such as downloading malware or stealing data. One illustration is the iSeeYou attack, which reprogrammed a specific class of Apple webcams so that the attacker could record footage without the target's knowledge.

USB attacks can also exploit existing flaws in the way computers and USB devices interact. A common example of this attack is the Device Firmware Upgrade (DFU) attack, which uses a USB device to reprogram legitimate firmware into something more malicious. 

There are even attacks like USB killer, in which a connected USB device stores power from a computer’s USB power lines until it reaches a certain level, then aggressively discharges it and fries the connected computer.


How to Avoid USB Attacks

While these attacks sound scary, there are ways to prevent them. 

Never connect unknown drives

Many USB security issues are the result of social engineering, or psychological ploys used to persuade users to connect a malicious device. Social engineering features in almost every sort of cyberattack and scam, so it's crucial not to fall for it.

If you find a USB drive you don't recognise dropped somewhere, such as in a parking lot, never attach it to your computer. Malicious actors rely on human curiosity to infect your device: they will leave a drive in a public area, such as a hospital, and wait for someone to plug it in. This is referred to as a drop attack.

Another prevalent approach is sending USB devices to individuals in the mail, disguised as promotional offers from big-box tech retailers like Best Buy. The bottom line is to be cautious of any USB sticks you find or receive for free without asking, whether they are from a company you are familiar with or not.

Work-Life Harmony

To prevent spreading harmful software from your home computer to your business network, keep any USB drives you use for work apart from anything personal. A regular antivirus and/or anti-malware scan of your USB drives is another option, and encryption software may prevent hackers from accessing your data in the event of a breach. Disconnect from the internet and restart your computer if you believe you may have connected a malicious device to your computer.

Disable Autorun

Disabling autorun features on your devices will help keep malicious code from automatically executing when you plug in a drive. On Windows, open Control Panel and find the AutoPlay setting. Uncheck Use AutoPlay for all media and devices to prevent unknown devices from launching without alerting you or asking for permission.
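
The same AutoPlay setting can be checked and applied from PowerShell. This is an added example, not part of the original article: the function names are hypothetical, and the registry values are the ones Windows uses for the per-user AutoPlay checkbox and for the machine-wide AutoPlay/AutoRun policies.

```powershell
# Added example: audit and harden AutoPlay/AutoRun. Function names are hypothetical.
$UserKey   = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers'
$PolicyKey = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer'

function Get-RegValue([string]$Path, [string]$Name) {
    # $null means the key or value is absent, so Windows falls back to its default.
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -ne $item) { $item.$Name } else { $null }
}

function Get-AutoPlayState {
    [pscustomobject]@{
        # Same switch as the "Use AutoPlay for all media and devices" checkbox.
        UserAutoPlayDisabled   = ((Get-RegValue $UserKey 'DisableAutoplay') -eq 1)
        # 0xFF is the bitmask that covers every drive type.
        AllDriveTypesBlocked   = ((Get-RegValue $PolicyKey 'NoDriveTypeAutoRun') -eq 0xFF)
        # Stops autorun.inf commands from being executed at all.
        AutorunCommandsBlocked = ((Get-RegValue $PolicyKey 'NoAutorun') -eq 1)
    }
}

function Set-Dword([string]$Path, [string]$Name, [int]$Value) {
    if (-not (Test-Path $Path)) { New-Item -Path $Path -Force | Out-Null }
    New-ItemProperty -Path $Path -Name $Name -Value $Value -PropertyType DWord -Force | Out-Null
}

function Disable-AutoPlay {
    # Per-user setting: no elevation needed.
    Set-Dword $UserKey 'DisableAutoplay' 1

    # Machine-wide policy values live under HKLM and need an elevated session.
    $identity = [Security.Principal.WindowsIdentity]::GetCurrent()
    $isAdmin  = ([Security.Principal.WindowsPrincipal]$identity).IsInRole(
        [Security.Principal.WindowsBuiltInRole]::Administrator)
    if ($isAdmin) {
        Set-Dword $PolicyKey 'NoDriveTypeAutoRun' 0xFF
        Set-Dword $PolicyKey 'NoAutorun' 1
    } else {
        Write-Warning 'Not elevated: only the per-user AutoPlay setting was changed.'
    }
}

Get-AutoPlayState   # audit the current state first
Disable-AutoPlay    # apply the hardened values
Get-AutoPlayState   # verify what was changed
```

Disabling AutoPlay stops drives from launching content on insertion; it does not stop a device that presents itself as a keyboard, so the advice about unknown drives still applies.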

Get Off the Grid

If you really must find out what's on an unknown flash drive, try using a computer that is "air gapped," which means it isn't linked to the internet or any other networks.

An air-gapped computer does not mean airtight security. The Iranian nuclear development site that was affected by the Stuxnet attack used an air-gapped network and was compromised with a bad USB drive. The malicious programme started to operate as soon as the drive was connected. As a result, if you use an air-gapped computer to test a dubious USB drive, you should only use that computer for that purpose and not connect it to any other computers on your network.

Go Virtual

If you're more tech savvy, try downloading virtualization software, such as Oracle's free VirtualBox. It lets you build a virtual environment within your computer that runs a simulated version of your computer. You can plug in the drive and open it in the virtual environment without harming your data or network. Windows users have access to Windows Sandbox as well.

Do Not Disregard Updates

Keep your system up to date, particularly if you use Windows. Attackers frequently take advantage of the fact that users put off updating their systems, even when updates contain patches for critical issues.


Keep Your Guard Up

No cybersecurity method is foolproof, and that includes steps taken to prevent USB attacks. The methods described here are, however, a whole lot better than plugging in a weird USB drive you found and hoping for the best. 

Remember never to trust unfamiliar drives, scan the ones you do use regularly, and take advantage of security options like passwords, PIN keys, and data encryption. Hopefully, awareness of the tactics that cyberattackers use coupled with solid hardware and software security will help you stay free of any nasty digital infections.

Protecting your business from cyber attacks starts with ensuring that your employees are aware of the risks and how to prevent them. At Interware, we offer comprehensive awareness training that can help your team stay informed and vigilant against potential threats. Get started here!


 

business, cybercrime

Ed Fung