Tired of users who spreads malware using USB devices?

Then perhaps you should get them a USB-device that will teach them a serious lesson, no I am just kidding, let me explain.

A russian security researcher nicknamed Dark Purple seems to be inventing a killer USB device, or more a computer frying USB device. It is an interesting way to use a USB device, thats for sure. You can you read more about it here. It is not for sale, at least not yet, but it is quite fascinating to read about it.

If you wish to employ a little less drastic counter-measures, there are some.

  • Use Active Directory to simply deny the use of USB devices

I know, it sounds impossible, but it is not. It all depends on whether you want to take on the administrative burden of managing exceptions or not. Yes, in a large organisation it will most likely be quite impossible. Even though, it is worth knowing that Active Directory can mitigate the threat from USB devices.

  • Malware Protection Engines

Same as the above actually, the rely on the class ID and serial numbers of the USB devices wether to allow it or deny access. The same administrative burden awaits.

I am not even gonna suggest using superglue on the USB ports since it is almost never an option, but instead say that most important thing you can do about USB devices is training and NOT allowing your users to do their day to day work running with local admin privileges. Then make sure you disable autorun and if possible, never allow code execution on removable devices. Stick with those and the USB threat is at least mitigated. Unfortunately, the USB threat is here to stay and will remain a threat to most organisations for a long time.

Leave a Reply

Your email address will not be published. Required fields are marked *