The cybersecurity landscape is littered with stories of USB ports have been used to wreak havoc on organizations around the world. From the Stuxnet virus that brought down Iran’s nuclear program to a former student at The College of Saint Rose who destroyed more than 50 computers, USB ports serve as an open door for mass destruction.
The stories you’ve read about are isolated situations, you say? Not say fast. Here are eight ways your computer’s open USB ports can be used to inflict harm not only on you personally, but also your company.
1. Smart Phone USB Chargers
Cybercriminals can hide and deliver malware via USB phone chargers. Public USB phone charging stations are particularly vulnerable, which is why airport and coffee shop charging stations should be avoided at all cost. If you must use one, then protect yourself with a data blocker, which blocks all data connections to a USB port while allowing the port to be used for charging.
2. Rubber Ducky
Rubber Ducky poses as a keyboard and injects keystrokes at superhuman speeds, violating the inherent trust computers have in typed commands to install backdoors, steal documents, or capture credentials.
3. USB Thief
The USB Thief, which doesn’t leave any trace on the computer or laptop it’s plugged into, latches onto and hides itself in portable apps downloaded onto a USB flash drive, such as Firefox and TrueCrypt. After you plug an infected USB flash drive into a computer, the malware starts collecting your personal data and makes it available to hackers.
4. iSeeYou
iSeeYou is Apple-specific USB flash drive malware that affects the iSight cameras in Apple laptops. The malware disables the LED light of your computer’s webcam even when it’s on, allowing cybercriminals to record you without your knowledge.
5. Hidden Partition Patch
Researchers have demonstrated how a USB flash drive can be reprogrammed to act like a normal drive, creating a hidden partition patch that cannot be formatted, allowing for covert data exfiltration.
6. USBee
USBee is designed to attack an “air gapped” computer, meaning a computer not connected to a network. When the malware successfully executes itself on the target computer and detects that there’s a USB device that can be used to transmit information, it starts sending a sequence of zeros via soundwaves detectable at frequencies between 240 and 480 Mhz. USBee transmits data at about 80 bytes per second, which is fast enough to steal a 4096-bit decryption key in less 10 seconds. Its name is taken from the insect, which flies through the air.
7. USB Killer
The USB Killer permanently destroy devices by using a USB flash drive to trigger an electrical surcharge. When the USB flash drive is plugged in, power is taken from the USB port, multiplied, and discharged into the data lines until the motherboard is fried. Recent versions of this malicious USB flash drive include internal, rechargeable batteries that allow for attacks even when the computer is not turned on, thereby bypassing all known USB-C and Lightning (Apple/iPhone) security protocols.
8. KeySweeper
While KeySweeper does not need your USB port to operate, it is still worth mentioning here. Camouflaged as a functioning USB wall charger, KeySweeper wirelessly and passively sniffs, decrypts, logs, and reports back all keystrokes from any Microsoft wireless keyboard in the vicinity. All keystrokes are logged online and locally. SMS alerts are sent upon trigger words, usernames, and URLs to expose passwords. If unplugged, KeySweeper continues to operate using its internal battery and auto-recharges upon re-powering.
How to Protect Yourself
To defend yourself against attacks that require the use of an open and available USB port, the easiest and simplest strategy is to physically block your computer ports with USB port locks. These nifty little devices cost a couple bucks each and are the cheapest insurance policy you can buy to protect yourself from bad actors – not to mention employees who unintentionally lose USB flash drives and other portable media after downloading sensitive company files.
