The game for staying ‘one-up’ between hackers and security techs is never-ending. The hackers now have skills to get through USB device to break into the PCs. The hackers have now found the vulnerable spots with the USB devices such as USB sticks, pen drives, keyboards, and gaming USB ports.
SR Labs chief scientist of Berlin, Karlston Nohl informed that hackers load malicious software onto computer chips that control USB. As computer’s antivirus software is designed to scan the memory only, this malware goes unnoticed. The white-hat studies have detected that hackers exploit electronic components, run by bugs in the software. The security techs are trying to check this defect prone to rogue attack.
How it is done
If hacker convinces on some pretext to insert his USB device in your PC, beware that inserted device can take over your PC’s Window and system. It finds the document files and copy them to USB’s internal storage and hide them as deleted files. The device can also set up a spyware in the system and break in the operating system. The component or features that facilitate this operation are Direct memory access (DMA) and AutoRun.
HACKER’S Modus Operandi
The hackers in any organization can gather all the worthless thumb drives or pen drives and spot them with their own software mark. They write Trojans that collect passwords, login and other personal details from the user’s PC and keep the discovered record in their emails. Next, they need to place those USBs where employees can ‘discover’ them, in parking, canteen, smoking area etc.
Most of them would pick it up for two reasons 1. Out of curiosity and 2. The desire to get it back to its rightful owner. The employees plug into their PCs without guessing its real danger, and soon they become its victims. All the classified information can be transferred to hacker’s emails, as programmed by Trojan.
Dropping the thumb drive in the parking lot may not be so effective now, as more and more techies are aware of this ploy. This is what people may think, but on the contrary, this still stands as a huge potential danger.
What to do to check it
DeviceLock-
Luckily this situation can be countered by DeviceLock. The organizations can block usage of any unauthorized thumb drive or USB device at any port of the endpoint computers. Through DeviceLock, they can bar thumb drive insertion, whilst they can make it usable with some other kind of USB to be used at these ports.
Authorization by model number-
The organizations can take measures to allow the use of some certain USB device models or device numbers only, so their work goes safe and unhampered.
Limited access-
DeviceLock can be configured for limited access, or the specified content can be made available to be read-only. Also, they can fix certain hours of the day for its use.
Security management by limitation-
They can manage by instructions and modified configuration, what type of files are accessible or downloaded through the device. DeviceLock can also check and safeguard against malicious files at the endpoints.
Strict security measures can only save PCs from USB hackers.
