Everyone has a collection of memory sticks; one memory stick has that presentation, another one has this coursework. And, it always seems to be when our lives depend on it that they get corrupted or snap in half.
We don’t really think about the security risks of our USB sticks when we use them on a daily basis, but USB flash drives haven’t always had a good track record.
They’ve been known to spread serious viruses as hackers can write their malicious code and copy it into the USB stick’s flash memory which in turn gets transferred onto your PC.
Although finding yourself in these situations can be a stressful experience, the problem can be solved. Keeping off dodgy websites, avoiding suspicious downloads, updating your firewalls, making sure you perform antivirus scans on your PC and USB and finally, returning the USB to its factory settings will just about do the trick.
However the real problem is far deeper, it’s engrained in the way USB’s actually work.
Two security researchers Karsten Nohl and Jakob Lell, have written a piece of malware called BadUSB that can reek havoc on your PC in a plethora of ways. Although people have theorised about it, this is the first time that it has been authentically demonstrated.
The BadUSB program works because it is stored in the firmware of the USB rather than the flash memory storage. The flash memory is where we store our transferrable documents. The researchers have found that the firmware can be reprogrammed to hide attack code. The firmware is significant because it runs the basic communication functions, letting the USB connect with PC’s and it’s pretty much inaccessible to normal users. It’s like the USB’s own tiny operating system. Even if you try to delete everything off the USB, the firmware remains intact.
When BadUSB is installed on your USB stick, putting it into your computer marks the end of your computer use as you know it. Not only can it alter the files on your memory stick but it can also take over your computer and redirect your internet traffic, without you knowing at all.
“We’re exploiting the very way that USB is designed”, says Nohl.
And there is no overcoming this, for the time being at least. Antivirus scanners cannot access the firmware of the USB and the firewalls that could block threats like BadUSB have not been developed yet.
The use of the USB has been fundamentally, irreplaceably broken. Although with time there may be some sort of protection, behavioural detection is pretty tricky. Superior malware such as BadUSB is able to change its persona so flawlessly that no suspicion arises.
If your USB firmware does get infected with malware, the only way to combat the spread of the virus is to stop using the USB altogether. No more putting your USB in untrusted computers and no more using someone else’s USB, you never know where it’s been.