The various threats associated with
the use of the USB flash drives
Securing USB Devices
Description :
Universal Serial Bus (USB) is an industry standard that defines the protocols used in a bus for connection, communication, and power supply between computers and electronic devices. USB was designed to standardize the connection of computer peripherals (including keyboards, pointing devices, digital cameras, printers, portable media players, disk drives and network adapters) to personal computers, both to communicate and to supply electric power.
USB ports and devices are extremely convenient for storing and transporting files from one computer to other.But these appealing properties may cause cyber security risk both in person and in organization. When a USB device
is connected to the malware infected computer or vice-versa, they may get infected with the malware and can spread the infection as soon as connected to other computer or Network.USB drive can be used by attacker to steal information directly from the computer.
Threats:
The various threats associated with the use of the USB flash drives are:
• Malware Propagation:USB storage devices act as carrier of malwares. They can easily be host to a number of malwares and they can spread these malwares from computer to computer as soon as they are plugged in.
• InformationTheft: It is extremely convenient to carry important data in a USB flash drive as these drives are of small size. This very convenience sometime make the USB drive vulnerable to theft. Attackers may also use their USB drives to steal information directly from a computer.
• Hacking into personal devices: Smartphones or tablets when plugged in computers that are connected to a public networksby using a micro USB cable, they can install a third-party application into the phone in just a few minutes which could access the Owner’s personnel data.
Protection of USB enabled computers:
• Use anti-virus software: The USB drives should be thoroughly scanned and sanitized before they are connected to the computer or the network.• Disable Autorun Features: The Autorun feature causes removable USB drives to open automatically when they are inserted into the computer. Malicious code could be prevented from running on the host computer,by disabling Autorun feature.To stop this feature, you may try to hold Shift key while plugging the USB flash drives into the computer.
• Keep separate USB drives: Do not use personal USB flash drives on computers owned by your organization. Further, do not plug USB drives containing corporate information into your personal computer. In extreme cases, organizations have cut off access to USB ports.
• Do not plug any unknown USB device: If any lost USB drive is found by you, Please Do not plug it into your computer to view the contents or to try to identify the owner. Rather give it to the appropriate authorities (a security personnel or organization's IT department).
• Restrict USB devices: At organizational level, the use of USB-devices (flash drives, USB HDD, SD cards and so on) can be disabled for safety reasons to prevent information leakage and virus infection. This can be implemented at different levels with different permissions using Group Policies.
Protection of USB based devices:
• Use Encryption: USB drives are very convenient to carry data. The data should be encrypted using strong encryption algorithms. So that even if the device is lost or stolen, it will be of no use to the attacker. In such a rive the owner can set the encryption password to protect the sensitive data.
• Use Secure USB Devices: Some USB flash drives have safety features like biometric authentication (fingerprint authentication). Only the authorized user can access the data in such a drive. This feature eliminates the need
of separate encryption mechanism.
• Charge-only:In case you need to charge your Smartphone via USB port on a computer, make sure it is in charge-only mode. This avoids unnecessary transfer of data.
• Use anti-virus software: Protect your Smartphone or any personal device that connects with computer via USB port, with anti-virus software
• Use Write protection: Some USB flash drives have a write-protection switch which keeps the contents of you drive safe from malware when you need to view them on a public computer. Turning it on effectively sets all files, and the device itself, to read onlymode.
• Change security permissions: In case you do not have a USB drive with write protection switch. Set the flash drive, to be read only by changing the permissions of the flash drive in the Properties window under the
Security tab.
• Protecting individual files:Enable write protection on certain files and folders that are not supposed to be modified or overwritten.
References
CERT-In
http://www.cert-in.org.in/PDF/
US-CERT
https://www.us-cert.gov/ncas/
SANS
https://www.giac.org/paper/
y-threat/104725
EmoticonEmoticon