All of our beloved USB devices – which includes flash sticks, keyboards and printers – have a vulnerability allowing hackers to infect them with malicious code. Researchers Brandon Wilson & Adam Caudill published the malicious computer code online because they wanted to alert the public to the “BadUSB” vulnerability and hopefully utilize collective world intelligence and ingenuity to crowdsource a fix.
Bad USB Troubles
All USB devices have microcontrollers, which are chips that tell the devices how to communicate with computers. This chip has programmable software or Firmware, that hackers can then reprogram for malicious gain, such as infecting computers or logging keystrokes.
The danger behind the BadUSB vulnerability lies in the fact that it’s difficult to detect, even with an antivirus program. The simple act of plugging in a USB device into a computer or laptop may be enough to infect your system with malware.
At the time of writing this, there are not patches or updates that will fix the BadUSB vulnerability. However, Caudill states that you can physically protect your own thumb drive by coating the inner walls of the case with epoxy so it’s difficult for a stranger open it and reprogram the device’s firmware. This may seem extreme, but if you transport secure data, or if you ever hook up a USB drive to ANY computer you access your banking information or sensitive personal or financial information on, it may well be worth the time.
Aside from that drastic step, for now at least, one of the best things that you can do is not use USB devices with which you are not familiar. Small-business computer support expert suggest that companies not allow employees to use outside USB devices in office computers. In addition, always download the latest computer updates and patches.
Rethink Associates is in the business of keeping your systems safe and out of our Springfield & Joplin computer repair shops. Feel free to call us with your security-related questions and learn more about what you can do keep your data safe.