fbpx
Size of letters 1x
Site color
Image
Additionally
Line height
Letter spacing
Font
Embedded items (videos, maps, etc.)
 
City: Kyiv
067 218 10 04
Join EBA
Companies
Log in If your company is already a member of the EBA, here you can register or log in to a personal cabinet
Eng Укр

The Secrets of Cybersecurity: USB Flash Drive as a Weapon in the Hands of Hackers

30/ 06/ 2021
  Risks associated with the use of USB flash drives in the workplace. USB flash drives are one of the most popular data transmission tools. Every employee as well as common users regularly use a few USB flash drives. These tools are very useful for data transmission and storage purposes due to their size and ease of use. One of the most widespread threats related to the use of USB flash drives for professional purposes is the possibility that these small tools may be lost or stolen. There is the risk that accidental finding may appear in the hands of hackers who can easily access all information and files stored on this drive. In 2017, the insurance company MAPFRE Life was fined $2.2 mln due to the violation of the Health Insurance Portability and Accountability Act (HIPAA), the main document governing the protection of patients’ data. The USB flash drive containing information about 2,200 patients such as their names, dates of birth, social insurance numbers, and other data was stolen from the insurance agent’s office. However, even when data has been deleted from a USB flash drive, hackers may restore it since a drive may contain the tracks of files or their copies. That is why the steal of these tools or their loss creates serious risks for companies. The loss of a USB flash drive may is also associated with the risk of substitution. Upon finding a flash drive with the logo of a particular company, a hacker may install hidden software and bring the “finding” to the company’s office. The employees without any suspect of possible malicious intentions of this “kind person” will continue using the found USB flash drive thereby infecting both corporate and personal devices. In this case, a hacker is not interested in accessing the information stored on a flash drive but rather is interested in accessing as many devices as possible. When a USB flash drive contains malicious software or is infected by viruses, there is a high risk that these malicious programs may be transmitted to the devices to which this tool is connected. Malicious software is used by hackers to steal files from the infected device, view browser history, gain control over the programs, changing configurations, etc. By connecting the infected flash drive to a computer a user without noticing it launches the installation of so-called browser pirates that redirect him to dangerous websites or resources from which the process of further transmission of malicious software takes place. Furthermore, the infected flash drives may contain adware, spy modules, and potentially dangerous software. The type of threat that may be caused by connecting a USB flash drive to a computer depends on the intentions of hackers. The variety of tools hackers have at their disposal is very broad. That is why companies need to strictly monitor the use of USB flash drives by employees and try to minimize it. How do USB flash drives become a weapon?. USB Rubber Ducky One of the main tools in the hands of hackers related to USB flash drives is USB rubber ducky that resembles popular USB flash drives. USB rubber duckies with pre-installed malicious software allow hackers to rapidly enter commands to the victim’s computer. These tools have a microcontroller and memory with the required loaded sketch. It takes just a few seconds for a “ducky” to crack systems. USB rubber duckies may be purchased online at the price of $50. The detailed instruction and lessons on how to make rubber duckies from common USB flash drives may be easily found on the Internet. Both experienced and specialists and hackers-amateurs may just by following a few steps make dangerous rubber duckies. Rubber ducky - the most popular BadUSB WiFi Ducky It is the analogue a rubber ducky but with a built-in Wi-Fi module. The sketch is not executed immediately when connecting this tool to a computer but the access point awaiting connection is created. One may connect to this access point from any device while the required actions may be carried out at any point in time. And that is one of the main advantages of Wi-Fi ducky over a USB rubber ducky. Wi-Fi ducky was firstly developed by Stephan Kremser and now it is available for sale. USbee The attack in the form of airgap. By connecting the USB flash drive to the victim’s computer hackers can transmit data stored on this device at a frequency that ranges between 240 and 480 MHz. This type of attack targets computers that are not united in a network. USbee was developed by researchers from Israel. The information transmitted at this frequency comes to a receiver that is located nearby, for example, in the next room. The data transmission speed is just close to 80 bytes per second, however, it is enough to steal confidential data including passwords. The advantage of this method is that there is no need to modify the USB tool and receiver. The effectiveness of this type of attack depends on many factors and that is why its popularity is lower compared to the frequency of use of rubber and Wi-Fi duckies.  USB Thief The USB trojan may be launched from the USB flash drive or external hard drive and does not leave any trace in the compromised computer. The victim does not notice the transmission of files to the external holders. The trojan is fixed only for a specified USB tool.  USB thief uses the popular practice of storing on the USB holders the portable versions of popular programs including TrueCrypt, NotePad++, Firefox, etc. Trojan will work in the background of the application launched. The malicious program inserts its code into the chain of commands in the format of a dynamic connected library or plugin. The main objective of the USB thief is to steal files of the prescribed type. The encryption of the stolen files is made via cryptography. How to safely use a USB flash drive in the workplace. Both employees and the company’s cybersecurity specialists should be responsible for the safe use of USB flash drives in the workplace. By following the basic security rules, the use of USB flash drives by employees in the workplace will be associated with minimal risks to the company’s digital security. Let us provide the main rules on how to safely use USB flash drives in the workplace: Use different USB flash drives for personal and professional purposes. In the office, employees should strive to corporate data holders and do not connect them to personal devices. As a result, the risk that USB flash drives may be infected will be minimized; Use only the USB flash drives manufactured by certified companies and sold in licensed stores. Criminal actors may illegally sell portable data holders of famous brands that are infected by malicious software; Do not store files containing confidential information on USB flash drives without necessity. By following this rule you can dramatically minimize risks associated with losing the portable device; Do not use accidentally found or brought by a “kind person” USB flash drives both for personal and corporate purposes even if they have a corporate label or any other confirmation that they may belong to the company’s employees. These portable devices should be given to respective cybersecurity specialists for their thorough check; Use specialized software and antivirus programs to block suspicious portable tools. As a result, employees will be able to use only the USB flash drives that will not cause damage to corporate devices. Furthermore, it is of the greatest importance to regularly update security software; Encrypt the information stored on a portable USB flash drive. Even when accessing the information holder, hackers will not be able to easily get data stored on this tool. The time won a company may use to take preventive measures; Disable autorun function of the portable tool to minimize risks related to potential launch of malicious code. By following the above-mentioned rules employees may minimize the risks related to possible loss of data and hack of corporate devices when working with USB flash drives. Generally, the higher attention employees pay to USB flash drives and the more companies focus on teaching employees how to safely use them, the more serious challenges hackers will face when trying to access the victim’s systems through portable data holders.

Risks associated with the use of USB flash drives in the workplace

USB flash drives are one of the most popular data transmission tools. Every employee as well as common users regularly use a few USB flash drives. These tools are very useful for data transmission and storage purposes due to their size and ease of use.

One of the most widespread threats related to the use of USB flash drives for professional purposes is the possibility that these small tools may be lost or stolen. There is the risk that accidental finding may appear in the hands of hackers who can easily access all information and files stored on this drive. In 2017, the insurance company MAPFRE Life was fined $2.2 mln due to the violation of the Health Insurance Portability and Accountability Act (HIPAA), the main document governing the protection of patients’ data. The USB flash drive containing information about 2,200 patients such as their names, dates of birth, social insurance numbers, and other data was stolen from the insurance agent’s office.

However, even when data has been deleted from a USB flash drive, hackers may restore it since a drive may contain the tracks of files or their copies. That is why the steal of these tools or their loss creates serious risks for companies.

The loss of a USB flash drive may is also associated with the risk of substitution. Upon finding a flash drive with the logo of a particular company, a hacker may install hidden software and bring the “finding” to the company’s office. The employees without any suspect of possible malicious intentions of this “kind person” will continue using the found USB flash drive thereby infecting both corporate and personal devices. In this case, a hacker is not interested in accessing the information stored on a flash drive but rather is interested in accessing as many devices as possible.

When a USB flash drive contains malicious software or is infected by viruses, there is a high risk that these malicious programs may be transmitted to the devices to which this tool is connected. Malicious software is used by hackers to steal files from the infected device, view browser history, gain control over the programs, changing configurations, etc. By connecting the infected flash drive to a computer a user without noticing it launches the installation of so-called browser pirates that redirect him to dangerous websites or resources from which the process of further transmission of malicious software takes place.

Furthermore, the infected flash drives may contain adware, spy modules, and potentially dangerous software. The type of threat that may be caused by connecting a USB flash drive to a computer depends on the intentions of hackers. The variety of tools hackers have at their disposal is very broad. That is why companies need to strictly monitor the use of USB flash drives by employees and try to minimize it.

How do USB flash drives become a weapon?

USB Rubber Ducky

One of the main tools in the hands of hackers related to USB flash drives is USB rubber ducky that resembles popular USB flash drives. USB rubber duckies with pre-installed malicious software allow hackers to rapidly enter commands to the victim’s computer. These tools have a microcontroller and memory with the required loaded sketch. It takes just a few seconds for a “ducky” to crack systems. USB rubber duckies may be purchased online at the price of $50. The detailed instruction and lessons on how to make rubber duckies from common USB flash drives may be easily found on the Internet. Both experienced and specialists and hackers-amateurs may just by following a few steps make dangerous rubber duckies.

Rubber ducky – the most popular BadUSB

WiFi Ducky

It is the analogue a rubber ducky but with a built-in Wi-Fi module. The sketch is not executed immediately when connecting this tool to a computer but the access point awaiting connection is created. One may connect to this access point from any device while the required actions may be carried out at any point in time. And that is one of the main advantages of Wi-Fi ducky over a USB rubber ducky. Wi-Fi ducky was firstly developed by Stephan Kremser and now it is available for sale.

USbee

The attack in the form of airgap. By connecting the USB flash drive to the victim’s computer hackers can transmit data stored on this device at a frequency that ranges between 240 and 480 MHz. This type of attack targets computers that are not united in a network. USbee was developed by researchers from Israel. The information transmitted at this frequency comes to a receiver that is located nearby, for example, in the next room. The data transmission speed is just close to 80 bytes per second, however, it is enough to steal confidential data including passwords. The advantage of this method is that there is no need to modify the USB tool and receiver. The effectiveness of this type of attack depends on many factors and that is why its popularity is lower compared to the frequency of use of rubber and Wi-Fi duckies. 

USB Thief

The USB trojan may be launched from the USB flash drive or external hard drive and does not leave any trace in the compromised computer. The victim does not notice the transmission of files to the external holders. The trojan is fixed only for a specified USB tool.  USB thief uses the popular practice of storing on the USB holders the portable versions of popular programs including TrueCrypt, NotePad++, Firefox, etc. Trojan will work in the background of the application launched. The malicious program inserts its code into the chain of commands in the format of a dynamic connected library or plugin. The main objective of the USB thief is to steal files of the prescribed type. The encryption of the stolen files is made via cryptography.

How to safely use a USB flash drive in the workplace

Both employees and the company’s cybersecurity specialists should be responsible for the safe use of USB flash drives in the workplace. By following the basic security rules, the use of USB flash drives by employees in the workplace will be associated with minimal risks to the company’s digital security. Let us provide the main rules on how to safely use USB flash drives in the workplace:

  • Use different USB flash drives for personal and professional purposes. In the office, employees should strive to corporate data holders and do not connect them to personal devices. As a result, the risk that USB flash drives may be infected will be minimized;
  • Use only the USB flash drives manufactured by certified companies and sold in licensed stores. Criminal actors may illegally sell portable data holders of famous brands that are infected by malicious software;
  • Do not store files containing confidential information on USB flash drives without necessity. By following this rule you can dramatically minimize risks associated with losing the portable device;
  • Do not use accidentally found or brought by a “kind person” USB flash drives both for personal and corporate purposes even if they have a corporate label or any other confirmation that they may belong to the company’s employees. These portable devices should be given to respective cybersecurity specialists for their thorough check;
  • Use specialized software and antivirus programs to block suspicious portable tools. As a result, employees will be able to use only the USB flash drives that will not cause damage to corporate devices. Furthermore, it is of the greatest importance to regularly update security software;
  • Encrypt the information stored on a portable USB flash drive. Even when accessing the information holder, hackers will not be able to easily get data stored on this tool. The time won a company may use to take preventive measures;
  • Disable autorun function of the portable tool to minimize risks related to potential launch of malicious code.

By following the above-mentioned rules employees may minimize the risks related to possible loss of data and hack of corporate devices when working with USB flash drives. Generally, the higher attention employees pay to USB flash drives and the more companies focus on teaching employees how to safely use them, the more serious challenges hackers will face when trying to access the victim’s systems through portable data holders.

If you have found a spelling error, please, notify us by selecting that text and pressing Ctrl+Enter.

Start
in the Telegram bot
Read articles. Share in social networks

← Back to log in

Spelling error report

The following text will be sent to our editors:

Send