GTS Solutions Blog

GTS Solutions has been serving the Chapin area since 2009, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Without Protection, Your USB Ports Could Become RIP Ports

Without Protection, Your USB Ports Could Become RIP Ports

It seems like everything available today can function with a USB connection, be it a thumb drive, device charger, or a desktop device--there are even USB-powered mini fridges meant for a single soda can. Unfortunately, “everything” includes malicious devices and malware.

If a USB drive is infected by malware, you can put your computer and data at risk by merely plugging it in, and there are some malicious USB devices out there that pose some pretty serious threats.

USB Kill 2.0 
Despite being powered by electricity, computers don’t mix well with too much charge, as USBKill.com has capitalized on. Creating a dongle that is capable of siphoning power off of the device it is plugged into, USBKill.com’s proprietary device then releases the energy back into the system as a power surge attack.

Intended for hardware developers to test their devices’ resistances against ‘juice jacking' (a form of data theft that extracts data as a device is charging), the USB Kill 2.0 permanently damaged--if not destroyed--95% of all devices it was tested with without the company’s proprietary USB protection shield. This shield is what allows the USB Kill 2.0 to be safely used for its intended purpose--to test electrical attack resistance.

What’s more, in some cases when used without the shield, the USB Kill 2.0 wipes data from the device. While this is not what the USB Kill 2.0 is intended to do, this occurs simply because the charge is enough to damage the device’s drive controllers.

Needless to say, a business saboteur could find great use in the $56 USB Kill 2.0 as a method of attack, and there aren’t many effective protections a workplace can implement, besides educating employees to resist the temptation of plugging in any USB device they find.

USB-to-Ethernet Theft
Best practices for workstation security dictate that a system be locked whenever its user steps away, no matter how briefly. However, a security researcher recently discovered a method of extracting data from a locked computer using, you guessed it, a USB-connected device. By disguising itself in a particular way, the target computer adopts the device as the preferred network interface, allowing the hacker to extract data to a rogue computer attached to the cable’s other end in about 13 seconds. The best defense, according to the researcher who uncovered this flaw: don’t leave your workstation logged in and unattended, even with the screen locked.

What a Business Can Do to Protect Itself
Of course, not all USBs are evil carriers of the worst malwares and threats, but by no means should they be used after being found on the street willy-nilly, especially in a workplace setting. In order to protect business workstations and data from threats, simply enforce a requirement to have any USBs fully checked by your IT department before in-office use. Alternatively, consider utilizing a cloud solution as a much safer option to meet your mobile storage needs.

To protect your business from possible saboteurs introducing their USB-based malware, it is also wise to secure exposed ports with locking devices.

While USB devices seem to be the pinnacle of affordable convenience in data storage, they are far more trouble than they are worth, at least in terms of security. There are much safer solutions to implement that feature equal, if not greater mobility than even a flash drive. A cloud solution, for instance, can be accessed from anywhere there is an Internet connection, kept safe in a well-protected, offsite location. New and improved solutions like these make risk-laden devices, such as USB dongles, unnecessary.

For more IT tips, tricks, and solutions, subscribe to our blog.

Tip of the Week: How to Clean Your PC Like an IT P...
These Innovative Technologies are Helping eBay Mov...
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Guest
Saturday, 21 December 2024

Captcha Image

Blog Archive

2022
January
February
March
April
May
June
July
August
September
October
November
December
2021
January
February
March
April
May
June
July
August
September
October
November
December
2020
January
February
March
April
May
June
July
August
September
October
November
December
2019
January
February
March
April
May
June
July
August
September
October
November
December
2018
January
February
March
April
May
June
July
August
September
October
November
December
2015
January
February
March
April
May
June
July
August
October
November

Mobile? Grab this Article

QR Code
Request a Consultation

GTSS strives to provide the best comprehensive IT, Computer, and Networking services to small businesses. We can handle all of your organization's technology challenges.

Contact Us
Contact Us

Learn more about what GTSS can do for your business.

700 Gervais St. Suite 250,
Columbia, SC 29201

Call us: (803) 298-3008

Toll Free: (888) 511-9017

News & Updates
North Charleston, SC Feb 2021: The first port in North America to implement Cisco's FluidMesh Fluidity mobile solution for port operations at the South Carolina Ports Authority new Hugh Leatherman Terminal. The GTS Solutions, Inc. team was able ...