Built-in protection against USB security attacks with USBGuard
Most people don’t consider their average USB memory stick to be a security threat. In fact, in a social engineering experiment conducted in 2016 at the University of Illinois and detailed in this research paper, a group of researchers dropped 297 USB sticks outside in the parking lot, in the hallway, and classrooms. Of the 297 USB sticks dropped, 290 were picked up and 135 (45%) called home. In order to encourage people to pick them up, some keys had door keys attached, some said “confidential” and some said “final exam” and had file names. As a result, the most opened keys were those collected in the parking lot (53%), while 68% of collectors said that they had plugged it in and opened files to determine the owner. Also, 20% of keys were opened in the first hour, and 70% within 35 hours. This type of social engineered USB attack is effective with an estimated success rate of 45-98% and expeditious with the first drive connected in less than six minutes. One of the researchers who conducted this experiment, Elie Bursztein, presented his findings at the 2016 Black Hat Conference and declared that they had been able to drop the USB sticks and it was “job done”.
Another reminder of the damage a USB security attack can cause is the highly destructive Stuxnet worm that was used to degrade and destroy hundreds of centrifuges at Iran’s uranium enrichment facility at Natanz a few years ago. This attack was in fact, initially introduced into the systems via an infected USB stick.
The fact that users plug such storage devices into corporate computers is obviously a nightmare for IT security professionals. USB sticks can be loaded with spyware, malware, or Trojans, which can not only steal your data but even destroy your computer. The good news is that, if you are a Red Hat Enterprise Linux user, you can prevent these USB attacks with USBGuard, which is included with the release of Red Hat Enterprise Linux 7.4. Inspiration for this is drawn from exploits like BadUSB.
So what are you waiting for? If you want to safeguard your systems against USB based security attacks, be sure to install and utilize USBGuard for all your Red Hat Enterprise Linux systems!
Read the entire article here, Built-in protection against USB security attacks with USBGuard – Red Hat Enterprise Linux Blog
via the fine folks at Red Hat.