The Universal Serial Bus (USB) is a simple mechanism that provides plug-and-play capability and supports fast, easy transfer of data between removable and other hardware devices. However, USB devices are also extremely effective at carrying, installing and running malware, viruses and other malicious payloads with very limited user and system interaction. They thus pose a great threat to information security, as attested by the paper “A Survey of USB Exploit Mechanisms, Profiling Stuxnet and the possible adaptive measures that could have made it more effective” by Kevin Orrey. The attack threats from USB devices include USB Dumpers, USB Hacksaws, USB Switchblade, USB-based viruses and hardware key loggers, among others.
This paper delves into ways of preventing attacks from Stuxnet and other malware and viruses easily carried on USB devices.
The operating system installed on a computer strongly influences the effect that threats have on the information and applications in the system (Principled Technologies, 2007). Individuals, businesses and institutions have relied on Microsoft Windows as the operating system (OS) of choice for their computers. However, in comparison to other operating systems like Linux, the Windows OS is more vulnerable to USB-borne threats.
The threat of attacks can also be reduced by using integrated technology. One such integrated technology, U3, works jointly with USB. The U3 technology uses two partitions on the USB device; one of them is a read-only partition which the Windows operating system interprets as a CD partition. This partition bears the autorun file and the associated launchpad software. The software uses the second partition, a File Allocation Table (FAT) partition, which bears a folder containing installed applications. The applications launch automatically, thereby preventing attacks by threats.
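The autorun file on the CD-style partition is an INI-style autorun.inf, so what a device will auto-launch can be listed before the device is trusted. The following is an added example, not code from the paper or from U3; the sample file contents and the name audit_autorun are constructed for illustration.

```python
import configparser

# Keys in the [autorun] section that cause a program to be started.
LAUNCH_KEYS = ("open", "shellexecute")

# Constructed sample autorun.inf (file names are made up for this example).
SAMPLE = """\
[AutoRun]
open=launchpad.exe -a
icon=launchpad.exe,0
label=Constructed sample
shell\\review\\command=tools\\helper.exe %1
"""

def audit_autorun(text):
    """Return a sorted list of (key, command) pairs that autorun.inf would launch."""
    parser = configparser.ConfigParser(
        strict=False,          # tolerate duplicate keys
        interpolation=None,    # '%' in commands must not be expanded
        allow_no_value=True,   # tolerate lines without '='
        delimiters=("=",),
        comment_prefixes=(";",),
    )
    try:
        parser.read_string(text)
    except configparser.Error:
        # A file that does not parse deserves a manual look, not a silent pass.
        return [("unparseable", "review file manually")]
    findings = []
    for section in parser.sections():
        if section.strip().lower() != "autorun":   # section name is case-insensitive
            continue
        for key, value in parser.items(section):
            key = key.strip().lower()
            is_shell_cmd = key.startswith("shell\\") and key.endswith("\\command")
            if value and (key in LAUNCH_KEYS or is_shell_cmd):
                findings.append((key, value.strip()))
    return sorted(findings)

if __name__ == "__main__":
    for key, command in audit_autorun(SAMPLE):
        print(f"{key}: {command}")
```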
The prevention of attacks can also be enhanced by conducting USB user education. Users of USBs ought to ensure that the USBs they use come from trusted sources. They can also learn how to use anti-virus boundaries and sheep-dip devices. Moreover, training in incident response and reporting procedures could also contribute immensely to preventing the spread of attacks. Users also need to avoid default passwords on hardware devices. This keeps off attackers who may insert infected USB devices and execute an attack.
Physical security measures against attacks from untrusted USB devices could be implemented by instituting controls as prescribed by the ISO 28000 series (Principled Technologies, 2007). Enforcement by organizations that workers use encrypted USBs prevents attacks from threats carried on USBs.
Companies developing operating systems now need to come up with systems that are more secure and robust. Operating systems need to be automated and able to update automatically in order to counter the effects of increasing threats. Windows Service Update Services (WSUS) is one such development that aims to enhance attack prevention (Principled Technologies, 2007). Moreover, installing patches such as MS08-67 fixes the Windows Server service and reduces its vulnerability to worms such as the Stuxnet worm (Parker, 2011). In addition, keeping computer systems updated with the latest patches, web browsers, and applications such as Java, Adobe and Flash players could reduce the severity of viruses from USB devices. Attackers normally target applications instead of operating systems, since few people remember to update the applications they have installed on their computers.
References
Principled Technologies (2007) “Options for reducing Intrusion Security Risks” [Online]. Available: http://www.principledtechnologies.com/clients/reports/Intel/ThinSecurity.pdf [Accessed 30 Jan 12]
Parker, T. (2011) “Stuxnet Redux: Malware Attribution & Lessons Learned” [Online]. Available: https://media.blackhat.com/bh-dc-11/Parker/BlackHat_DC_2011_Parker_Finger%20Pointing-Slides.pdf [Accessed 30 Jan 12]