Oct 06, 2014

How to protect against badUSB attack?

The release of badUSB into the wild makes me nervous. It is a modification of a USB stick that can execute malicious files if it is inserted into a computer, and may well avoid existing anti-virus software. How can threats from badUSB be avoided or minimized?

I don't get the paranoia from some people regarding this. It is a bad security risk, but some people forgot their foil hats at home, for sure.

If you are an administrator you can push a patch to disable USB storage for the time being until the security community is able to come up with a plausible solution to the exploit. In the meantime you can obviously tell everyone "Don't insert thumbdrives into the computers", but the second option you can explore is disabling USB storage devices through the registry.


The link below provides the steps required to accomplish such a task. Hopefully this answers your question :)
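
As an added illustration of the registry approach this answer mentions (not part of the original post or of the steps it links to), the PowerShell script below reports the state of the Windows USB mass-storage driver and, when asked, disables or re-enables it. The script and function names are hypothetical. It assumes the standard `USBSTOR` service key, where a `Start` value of 3 means the driver loads on demand and 4 means it is disabled.

```powershell
# Added example: report, disable or re-enable the Windows USB mass-storage driver.
# Start = 3 loads USBSTOR on demand (default); Start = 4 disables it.
[CmdletBinding(SupportsShouldProcess = $true)]
param(
    [switch]$Disable,   # set Start = 4
    [switch]$Enable     # set Start = 3
)

$KeyPath = 'HKLM:\SYSTEM\CurrentControlSet\Services\USBSTOR'

function Get-UsbStorState {
    # Returns 'Enabled', 'Disabled', 'Missing' or 'Other(<n>)'.
    if (-not (Test-Path -Path $KeyPath)) { return 'Missing' }
    $start = (Get-ItemProperty -Path $KeyPath -Name Start -ErrorAction Stop).Start
    switch ($start) {
        3       { return 'Enabled' }
        4       { return 'Disabled' }
        default { return "Other($start)" }
    }
}

function Test-IsAdministrator {
    # Writing under HKLM requires an elevated session.
    $id = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal($id)
    return $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
}

if ($Disable -and $Enable) { throw 'Specify only one of -Disable or -Enable.' }

$before = Get-UsbStorState
'USBSTOR state on {0}: {1}' -f $env:COMPUTERNAME, $before

if ($Disable -or $Enable) {
    if ($before -eq 'Missing') { throw "Key not found: $KeyPath" }
    if (-not (Test-IsAdministrator)) { throw 'Run this from an elevated session.' }
    $target = if ($Disable) { 4 } else { 3 }
    # -WhatIf shows the change without writing it.
    if ($PSCmdlet.ShouldProcess($KeyPath, "Set Start = $target")) {
        Set-ItemProperty -Path $KeyPath -Name Start -Value $target -Type DWord
        'USBSTOR state now: {0}' -f (Get-UsbStorState)
    }
}
```

Run without switches it only reports. This setting blocks the mass-storage driver only, so a device whose firmware presents it as a keyboard or network adapter is unaffected.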




This is common sense, but don’t allow any non-company provided USB flash drives (or if you are an individual, only USB drives that you KNOW are safe - this does not include free USB drives given away as promos). Of course the problem is that any policy is going to be violated by someone. Unfortunately, at this point there is no way I know of to detect badUSB because, as you alluded to, it makes use of the USB firmware as its attack vector and this will probably not be recognized by existing anti-malware software.  


Now that the code has been released by researchers, you can expect new USB drives to have this vulnerability fixed very soon, but it’s going to be a potential problem for a long time to come with all of the USB drives that are floating around. There is no way that everyone is going to replace them once patched versions are released.

