When we talk about a USB device or call something USB we are actually talking about the way a computer peripheral (including keyboards, pointing devices, digital cameras, printers, portable media players, disk drives and network adapters), connects to a computer or system to either communicate or supply electrical power. In today’s world we all have something we use daily that uses a USB connection or cable; whether it is our smart phone or a mass storage device, an IPod or maybe even a webcam. This Universal standard makes it easy for us to connect all sorts of devices to our computers for easy use as all computers today have USB ports that come standard.

So how can something so good become bad?

Simply because of opportunity, and hackers. Hackers are described as anyone who seeks to exploit weaknesses in a computer system or network (http://en.wikipedia.org/wiki/Hacker_ (computer_security)). Hackers look for any opportunity that either they can find or may present itself to take control and compromise a system or network. The hackers were able to find such an opportunity in USB device firmware. A USB device firmware hack called BadUSB was presented at Black Hat USA 2014 conference, demonstrating how a USB flash drive microcontroller can be reprogrammed to spoof various other device types in order to take control of a computer, exfiltration data, or spy on the user (http://www.wired.com/2014/07/usb-security/).

So what is BadUSB?

In an article from hacknigpost.com described it “in short, every USB drive has a microcontroller in it which is a small chip that acts as an interface between the device (keyboard, or flash drive) and the host (PC). This small chip often has firmware that can be reprogrammed to do notorious things, such as logging your keystrokes and infect your Personal computer with malware, or something much worse. BadUSB is really very dangerous because of one factor which is “It is Undetectable”, even if scanned by Antivirus program.” According to Wired Magazine, this BadUSB vulnerability is practically unpatchable because it exploits the very way that USB device is designed. If once infected, each USB drive will infect anything it’s connected to.

So what is the impact of BadUSB?

Once the device is compromised, the USB devices can reportedly:

  • Log keystrokes
  • alter folders & files
  • infect other devices & systems
  • spoofs a network card to change the computer’s DNS setting
  • Install malware & Control Keyboard

So how do you stay protected?

The best protection against BadUSB vulnerability and other similar exploits is good security practices. Always keep your software updated & never open any files which you don’t recognize, and don’t plug any devices into your computer unless you know where they’ve been.


Keith Becker

Systems Engineer