“BadUSB” Hack Exposes Dangerous Vulnerability of Commonly Used Data Storage Devices
If you’ve ever used a computer, you’re most likely familiar with those magic little sticks commonly known as USB Thumb Drives. Available in shapes and designs ranging from simple rectangles to colorful miniature racecars, these ubiquitous devices plug into computer USB ports and allow for remote file storage as well as the efficient movement of data between computers. Be it a collection of photographs, MP3 music files, or Excel spreadsheets, a few clicks of the mouse is all it takes to easily transfer all sorts of information between otherwise unconnected PCs.
However, recent findings have exposed a potentially dangerous flaw: The firmware contained within these devices can be hacked to do a variety of bad things to your PC.
The unwitting distribution of malicious programs and viral infection of PCs via USB drives isn’t a new concept. It has long been known that malware can be installed onto the flash memory storage of a USB drive, and if not removed can cause significant harm your PC. Up until recently, the general consensus has been that occasional USB drive reformatting combined with the regular execution of antivirus scans was enough to keep these helpful devices (and your computer) relatively safe from “infection”.
The BadUSB hack shows that these precautions may no longer be enough.
In a nutshell, BadUSB demonstrates the existence of the ability to hide malicious code not within the flash memory of USB drives where most data is stored, but within the underlying firmware that exists on these drives and allows them to interact with PCs and other USB-friendly devices. Because this data is contained within the firmware, traditional reformatting techniques and antivirus scanning programs don’t recognize the infection and as a result, do nothing to identify or resolve the malicious intrusion.
The R&D behind BadUSB was done by Karsten Nohl and Jakob Lell, researchers for technology security consultancy firm SR Labs. The result of their work was the creation of a malware program (BadUSB) that can wreak all sorts of havoc once inserted into the firmware of USB drives. Once installed, the BadUSB malware can replace software with corrupted versions, hijack and divert internet traffic, spy on users’ computer activity and even secretly install itself onto PCs to then infect USB drives of future users.
With the current inability to easily detect the existence of BadUSB-type malware infections, serious questions are raised as to the future of the USB drive maintaining its current status as the go-to data storage and sharing device of choice. Additionally, according to the research there doesn’t yet appear to be an effective technical solution for this newly-exposed hole in USB drive security. There is no “patch” so to speak.
The only short-term solution that currently exists to help protect PCs and USB drives from the BadUSB threat is to be very careful with how you choose to use these devices. Don’t plug your USB drive into computers you don’t own or trust, and conversely, don’t let anyone plug an unfamiliar or untrusted USB drive into your PC.
Although not perfect or comprehensive solutions, as long as this advice is heeded one should be able to continue feeling confident about using USB drives without serious risk of infection by a “Bad” USB.