Hardware-Encrypted USB Flash Drives Stop BadUSB Before It Starts
BadUSB is a class of malware used by hackers worldwide who are determined to create as much havoc in as many lives as they can…BadUSB resides in a USB flash drive that has been programmed to go rogue and do some very bad, destructive things.
It stands to reason that any problem with the word “bad” in its name will not be fun to deal with. However, when the solution for the said problem is a multi-tasker that solves multiple issues, that goes beyond being a good thing—maybe bordering on amazing. Such is the case with the problem of BadUSB and the most practical means of preventing the problems it causes: hardware-encrypted USB flash drives.
USB flash drives are one of the easiest, securest means of storing data, backing up files, booting a computer and transferring data/files/images from one device to another. They are as ubiquitous on campuses as stately, ivy-covered buildings between students, faculty, and administrators.
USB drives are available in a wide range of prices, from free to three-digit figures. With that large a price range, it is not surprising that some lower-end units will be problematic.
What Exactly is BadUSB?
BadUSB is a class of malware used by hackers worldwide who are determined to create as much havoc in as many lives as they can. (Malware—an amalgam for malicious software—is an all-encompassing term for any computer software that was specifically designed with malicious intent.) BadUSB resides in a USB flash drive that has been programmed to go rogue and do some very bad, destructive things.
BadUSB allows these individuals to do some serious firewall breaching to introduce malware into a school’s cyber-defenses through USB storage devices. The first USB malware, BadUSB, does not attack data on the device; instead, it attacks the device itself.
When a USB drive is plugged into a computer, the chipset controller of the computer starts a “handshake” with the USB drive controller via firmware. This exchange occurs even before the OS—whether it be Microsoft, macOS, or Linux—is even aware that a USB drive has been connected. (Every USB drive has firmware that runs when the drive is activated in a USB socket.)
This article originally appeared in the March / April 2022 issue of Campus Security & Life Safety.