Cybersecurity

A cyberattack via a USB interface

Proper extended detection and response solution (XDR) with proper USB device control can help organisations make their IT systems more resistant to infection through USB interface.

It is well known that a system’s endpoints in an organisation are the most vulnerable to malware attacks. There is often a lack of knowledge about different attack scenarios, therefore employees in an organization rarely know how easily they can become a target for cyberattack via manipulated USB interface. These include USB memory sticks/flash drives, charging cables, gadgets, and network adapters.

Infected firmware in USB devices

The perfidious thing about cyberattacks made via USB interfaces is the type of infection: The malware is often hidden directly in the firmware of the USB interface and there is no need for an infected file on the USB device. The malware is simply executed when the respective USB device is plugged in, where virus scanners and firewalls are unable to register or prevent the attack. It is also possible to set the firmware so that the attack does not start until a later time. Regardless of which time is set, it may be subsequently possible to carry out attacks with simulated keyboard input, listen in on network traffic, or redirect it. This way, security policies can be deactivated, or remote accesses can be started. Criminals can get to organization data quickly and easily, cause deliberate damage, or prepare further attacks. There is no longer a need to crack a firewall.

If employees are targeted as attack vectors, this not only poses a problem for the organisation's IT; The associated stress and strain on employees should also be taken seriously. Nobody can expect the employees to take full care of IT security, but they just cannot simply avoid the respective risks. An employee who has accidentally caused damage will usually not get away unscathed.

Security for organisations of all sizes 

As company networks are often affected by security vulnerabilities, organisations of all sizes should take the necessary precautions to protect their employees and their own network.  Cybersecurity should, wherever possible, be automated and centralized as part of a comprehensive security concept.

Tips to avoid USB cyberattacks

  1. The first thing to do is to identify the locations at which data is handled, check how the data is used, and check which USB and storage devices and which data transfers to or from these devices could pose a security risk.
  2. It is advisable to block or filter access for devices, media, and interfaces with a higher risk.
  3. It is even better to only allow access to USB devices that have been purchased, checked, and approved by the IT department.
  4. Critical data with sensitive information should never by stored on unsafe devices. If no other option is available, encryption should be used at the very least.
  5. Data transfer anomalies should be detected, reported, and blocked in an automated manner. If malicious code is discovered, this must be blocked as swiftly as possible using post-infection measures.
  6. To ensure traceability in accordance with EU GDPR, it is essential to log all data transfers.

Proper extended detection and response solution (XDR) with proper USB device control can help organisations make their IT systems more resistant to infection through USB interface. XDR solutions provide automated detection and combating of malware. In this case, there is no need for IT staff to intervene manually.



----

Photo: rawpixel

News

Technical Training for Hardware Security Module (HSM)

utimaco trainingCREAplus, authorized Utimaco training partner, is going to deliver an online hands-on technical training for hardware security module (HSM), on 28-29 October 2021.

Read more ...

From Fundamentals to Quantum-safe algorithms

 Cryptographic JourneyIn the modern, digital world cryptography is an indispensable tool for protecting our systems and data. Without knowing we rely on cryptography daily, be it to check our email, safely login to a computer, or drive a smart car, since the magic happens in the background, unseen. 

Read more ...

CREAplus awarded with AAA Creditworthiness Certificate of Excellence

AAACompany CREAplus has been classified into legal entities that have received highest AAA Creditworthiness Certificate of Excellence, awarded by Analytical House Bisnode.

Read more ...

Utimaco acquires Realsec to strengthen its solution portfolio and expand its regional presence

Utimaco acquires Realsec to strengthen its solution portfolio and expand its regional presenceUtimaco, a leading global provider of IT security solutions, announced that it has signed a Share Purchase Agreement with Realsec, the Spanish IT security company and Hardware Security Module (HSM) provider. The closing of the acquisition is expected in July.

Read more ...

CREAplus Successfully Delivered Training for Utimaco HSM

utimaco LAN V5 4CREAplus, authorized Utimaco training partner, successfully delivered another 2-day online hands-on technical training on hardware security module (HSM), in April 2021.

Read more ...