Currently over 3 billion USB devices are shipped every year with a large proportion of them being the USB flash drives. There is no denying that the majority of people are familiar with this technology.
Every one of you must have owned a USB flash drive in the past. But what many of us don not know anything about is USB disk drive security. How often must all of us had inserted our flash drive, mindlessly into the computers, never doubting that these nifty little devices are not immune to security threats as we presume. The truth is that USB disk drive security is paramount and that all USB products, inclusive of Flash drives (particularly), are susceptible to several destructive forms of malware.
All USB drives come included with a firmware chip, which is in control of all of its basic functions. This firmware can be corrupted and taken control of by malwares.
So how is this significant? Well, one type of malware, “BadUSB” infects by latching onto USB product’s firmware. There is another kind of firmware “USBdriveby”, that remotely attacks computer’s USB ports and I also very difficult to detect.
So all in all, USB disk security is very important and below we will discuss the abovementioned two malwares and solutions for them.
So what exactly is BadUSB and what is its method of work? As explained briefly above, BadUSB is a kind of malware that basically exists and tinkers the code of USB’s important firmware.
Every time you plug in a USB device with infected BadUSB, the malware can completely take you’re your PC, alter files from flash drive without you knowing and maybe even redirect your internet traffic.
BadUSB and malware like it are so dangerous because of the fact that they’re incredibly hard to protect against. A Standard virus or malware scanner won’t detect them, simply because do not (are unable to) check a device’s firmware.
So logically, the only way to really make sure and know that if a USB device has BadUSB would be to sift through its firmware code line by line and detect where the malware was inserted. This is no small task and average users, even experts won’t be able to do this.
[related]Learn to make a bootable Windows USB Disk[/related]
If you are not scared easily by BadUSB, then USBdriveby might. USBdriveby essentially works as a remote interacting with a computer’s USB ports, gaining access and then proceeding to wreaking havoc and destruction.
Like BadUSB, USBdriveby basically works by taking advantage of some inherent flaws within USB protocols. Firstly, it pretends to be a USB keyboard or mouse. Then afterwards, it shuts down the computer’s security, opens a backdoor for a hacker to gain access later and quietly leaves the system without a trace.
Unless you’re a really good programmer and rummage through computer’s operating system, you would not be able to find the backdoor till it is too late.
Solutions – Avoiding USB Disk Viruses and Bad Sector Issues
- Can USBdriveby be stopped? Well not exactly, since the problem is in USB architecture itself, meaning one would have to completely take apart USB ports to completely keep them safe.
- All one can really do to stop something like USBdriveby is to keep electronics away from remote microcontroller devices.
- What about something like BadUSB? Can one do something about that? Not exactly, but you can take some precautions to make life easier.
- No 1 rule for usb disk security is to not plug you flash drives into suspicious computers and vice versa for suspicious flash drives from other computers.
- So in a way, researchers want us to treat USB devices like hypodermic needles.
- Additionally to getting us aware about the security risks of USB products, researchers are also making efforts for getting companies and USB manufacturers to admit the problem of these kind of malwares. They hope to change the way we use these device and also the way they are designed.
- There are of course common variety viruses and malware associated with USB drives as well. Some rely on auto run features which you should disable. I once had to clean re-install an OS after I had plugged in a friends USB into my laptop.
- One of the good countermeasures in terms of disk security software for these common place viruses is USB Disk Security by zbshareware (Google this Software). It is very light and gets the job done.
- Overall, it was always going to be a matter of time before people started exploiting novel technology like USB for nefarious means. With rise of high speed internet availability everywhere, it is good time to adapt more secure means of data distribution like online cloud services.
- Yet, majority of us would not be giving up the USB soon, only if for the sake of convenience. We can always hope that somebody removes the various vulnerabilities in USB disk security architecture or we will be facing many such problems ahead.