You can be forgiven for ignoring all the advice when it comes to sharing USB drives. After all, it’s just so easy to swap work files, presentations, or personal files such as photos and music. Lots of people do it all the time. However, two researchers from the German security firm SR Labs have clearly demonstrated the risks that we all take when exchanging files through our pen drives.
In this article we will discuss exactly what Karsten Nohl and Jakob Lell have discovered, what it means to everyone who regularly uses a USB pen drive to swap files, and how you can avoid it happening to you.
What does their research say?
Nohl and Lell say (maybe a bit sensationally) that “we should start treating USB drives as hypodermic needles and throw them away as soon as they touch another computer”. Although this statement seems to be a bit over the top, the two researchers back up their claims with a very deceptive piece of malware called ‘BadUSB’.
Basically, the two researchers reverse engineered the original firmware (the part of the device which communicates with the PC and moves files between them) installed on a USB chip by the producers, and built their malware into it. Because the malware sits in the very core of the device rather than among the files stored on it, it is almost completely untraceable to the user. It can perform many tasks without the user’s knowledge. These tasks include:
- Completely taking over a PC
- Altering files installed from the memory stick (even long after the user thought that they had been deleted)
- Redirecting the user’s internet traffic
- Taking over a USB keyboard and issuing commands
- Replacing installed files with corrupted versions
This malware isn’t restricted to USB pen drives; it can affect anything that connects to a computer via USB. The team have also produced malware which works through an Android device.
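One of the tasks listed above, a drive that also behaves as a keyboard or network adapter, leaves a visible trace, because the device has to announce those extra functions to the computer. The Python script below is an added example, not code from the researchers or the original article: it flags such devices on Linux, its function names and sample data are constructed for illustration, and it only checks what a device announces, not its firmware.

```python
import glob
import os

# USB-IF base class codes that a device reports for each of its interfaces.
MASS_STORAGE = 0x08
SUSPICIOUS_WITH_STORAGE = {
    0x03: "HID (keyboard/mouse)",
    0x02: "CDC communications (network/modem)",
    0x0A: "CDC data",
    0xE0: "wireless controller (includes RNDIS networking)",
}

def read_sysfs_interfaces(root="/sys/bus/usb/devices"):
    """Return {device: [interface class codes]} from Linux sysfs."""
    devices = {}
    for path in glob.glob(os.path.join(root, "*:*", "bInterfaceClass")):
        iface = os.path.basename(os.path.dirname(path))  # e.g. "1-2:1.0"
        device = iface.split(":")[0]                      # e.g. "1-2"
        with open(path) as fh:
            # sysfs prints the class code as two hex digits, e.g. "08"
            devices.setdefault(device, []).append(int(fh.read().strip(), 16))
    return devices

def flag_mismatched_devices(devices):
    """Flag devices that offer storage AND an input or network interface."""
    findings = {}
    for device, classes in devices.items():
        if MASS_STORAGE not in classes:
            continue
        extra = sorted({SUSPICIOUS_WITH_STORAGE[c] for c in classes
                        if c in SUSPICIOUS_WITH_STORAGE})
        if extra:
            findings[device] = extra
    return findings

# Constructed sample data (not captured from real hardware).
SAMPLE = {
    "1-1": [0x08],        # plain pen drive
    "1-2": [0x08, 0x03],  # "pen drive" that also announces a keyboard
    "1-3": [0x03, 0x03],  # ordinary keyboard with two HID interfaces
    "1-4": [0x09],        # hub
}

if __name__ == "__main__":
    live = read_sysfs_interfaces()  # empty on systems without Linux sysfs
    for dev, extra in flag_mismatched_devices(live or SAMPLE).items():
        print(f"{dev}: storage device also exposes {', '.join(extra)}")
```

A reprogrammed device that announces itself only as a keyboard is not flagged, and some legitimate products combine storage with other functions, so a finding is a reason to look closer rather than proof either way.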
If you were unlucky enough to fall victim to a serious threat like this, you would be incredibly vulnerable to attack.
How to avoid it happening to you
The advice given by Nohl and Lell is brutally simple – we need to completely rethink the way that we use our USB devices. If your USB drive comes into contact with any computer that is not completely trusted, then you should simply throw it away and buy a new one. You should also be sure that no unknown device comes into contact with your computer’s USB ports.
The advice is so extreme because malware of this kind is almost impossible to find. The researchers told Wired.com that:
“You can give it [your USB device] to your IT security people, they scan it, delete some files, and give it back to you telling you it’s ‘clean’. But unless the IT guy has reverse engineering skills to find and analyse that firmware, the cleaning process doesn’t even touch the files we are talking about.”
Who is really the target?
There are plenty of rumours concerning who is really using these devices to their advantage and who is actually being targeted. The NSA, the United States intelligence agency whose inner workings were shown in the recent Edward Snowden files, is already suspected of using this type of malware to target suspected threats.
Although you are unlikely to be on a government list, this problem can spread so easily in today’s age of sharing that you still need to be very careful. You could easily fall victim to a similar virus even if you weren’t the original target.
What this means for us
If you are a working professional, you will need to be constantly sharing files with co-workers. These could be presentations or Word documents. But there are many ways to do this without having to share your USB drive between different computers. Use online services such as Dropbox or simply send them via email. You should also use separate USB devices for your professional work and personal life.
Overall, the research tells us all what we already knew – our USB devices are a potential way for a hacker to gain access to our computer and all that it holds. However, Nohl and Lell’s research is the most damning yet.
It shows that as things become more and more refined and targeted we have almost no chance of spotting the virus ourselves. Even a qualified professional would have no idea without spending a lot of time reverse engineering your device. And who wants to go through this bother all the time?
No-one.
That’s why it’s best to follow their advice: do not let your device come into contact with any untrusted computer (and vice versa), find other ways to share files, and, most importantly, be aware of the dangers that exist.