BadUSB

BadUSB - refers to a USB device that has had it's firmware modified with malicious intent.

IT IS UNFIXABLE AND UNDETECTABLE

Our only defense is knowledge, and it's up to you to help defend against this threat for both your own safety/security and that of the lab.

 

USB is the standard for connecting peripherals.

Recently it has been discovered that aside from simply storing malicious content directly on a USB device's memory, an attacker is able to modify the underlying firmware of the device and reprogram it to carry out malicious functions including taking complete control over the host machine in which it is plugged into.

 

A short list of what this allows a 3rd party to do:

- upload/download files

- track web browsing

- send commands via keyboard

- monitor your keystrokes for password information (banking, etc)

- exfiltrate data to a 3rd party

- use the host machine as a 'bot' to carry out attacks

 

How you can help protect yourself and the lab

- Only use USB devices that you are familiar with and trust.  This means from a recognized professional vendor.

- Do not purchase or use pre-owned USB devices

- Do not use the same drives from your home that you use at the lab and vice versa.

- Do not leave your USB devices unattatended

- Avoid copying sensitive information or PII onto a USB device.

- Use encryption if possible

As always, if something looks suspicious it probably is.

If you have any questions, no matter how minor, please contact the helpdesk at x7155 or helpdesk@jlab.org