Data breach is a serious problem for all SMEs, irrespective of their size. The average total cost per breach has increased from $3.54 million in 2006 to $8.19 million in 2019. A report from Juniper Research suggests that by 2020, the average cost of a data breach will exceed $150 million. To minimize data breaches and associated costs, SMEs often need the assistance of experts from a computer support company to ensure their internal and customer data remains safe.
What is a Data Breach?
A data breach is an incident that involves the unauthorized exposure, access or retrieval of sensitive, confidential or protected data by an individual or malware. This is a specific type of breach for stealing sensitive information. It’s performed by accessing a computer or network device locally or remotely by bypassing initial endpoint security.
Are there ways corporate organisations can minimise data breaches caused by Universal Serial Bus (USB) devices while still ensuring that business goes on?
Fortunately, the answer is yes.
3 Core Reasons to Implement USB Device Control
USB ports have become a very popular interface to connect with several devices over the years since it was first introduced in 1981. Many devices such as audio recorders, tablets, gaming units, and microcontroller units provide a USB interface. While this is a useful technology, some of these devices which come with USB interfaces have also brought with them new malwares to our computer systems that need to be mitigated. There may be several reasons why corporate enterprises implement a USB device control, but three key reasons are:
- Data Theft via USB
Users within an organisation can easily steal corporate data using USB drives if USB ports have no form of restrictions on them. Putting in the necessary restrictions helps control copying of data using USB drives plugged into a corporate computer network.
- Personal Jobs on USB drives
Data theft isn’t the only reason why corporate organisations require USB device control. A USB device control system is also required to prevent users from copying their personal data stored on USB drives into the corporate network for processing and execution.
- Attacks from USB Devices That Shut Down a Corporate Network and Steal Data
Malware loaded on USB drives can steal confidential data once plugged into a computer on a corporate network. These malwares can shut down a local computer without consent from a user. It also has the capability of shutting down the entire computer network.
USB Attacks
Three of the deadliest USB attacks are:
- Rubber Ducky USB Attack
Rubber Ducky is an attack where a USB device connected to a node on a computer network emulates a generic keyboard with the intention to attack the workstation. Once connected to the computer, the USB device begins to imitate a user “typing” specific characters in order to perform illegal activities on the PC. This type of attack is achieved by pre-configuring the USB drive with intelligent software that helps it interact with a computer.
- USB Hacksaw Attack
The hacksaw attack also makes use of a USB drive pre-configured with software. This software can install itself silently when plugged into a USB port. After silently installing itself, the USB drive then acts in a Trojan-like fashion as it copies payload to an untraceable location on the host computer. Payload is the component of the malware that executes the malicious activity. It resides on the host computer by executing and starting code scripts each time, the computer is rebooted. Once this is completed, the payload monitors the host computer and replicates all data on connected USB drives to a mail account of a remote hacker.
- USB Switchblade Attack
As with the Hacksaw attack, the Switchblade attack makes use of pre-configured smart software which can only be run with Administrator-level privileges. The idea behind the development of Switchblade is to provide a means for gathering information about the internal systems of a Windows host or the network in which it’s connected.
USB Device Control
USB device control is the technique of managing USB ports and devices to prevent the entry of malicious software into computers within a network. It can either be done manually or in an efficient way using a USB port control software. Controlling USB devices helps prevent threats that are launched using unauthorised peripherals and USB storage. Controlling these USB devices also helps prevent users from installing malicious software that hides in USB and other peripheral devices.
USB device control software is used to:
- Control USB devices
- Control USB device access to computers within a network
- Prevent data breaches and system infection
USB device control starts with configuring the rules or access lists required to monitor and block USB devices of different types: USB drives, Human Interface Devices, network modems, etc.
The configured rules allow:
- Blocking connected USB devices when they are of a prohibited type.
- Altering system administrators via prompts or emails when a potentially dangerous type of USB device is connected
- Controlled access to USB devices. Once a particular type of USB device is connected to a computer in the network, users need to complete a multifactor authentication before full access is granted.
- Full monitoring of connected USB devices and activity when users log on.
Conclusion
While it’s true good device control software can protect data and systems, no software vendor has the complete solution for the most advanced attacks by USB exploit until the attack has been discovered. These advanced and carefully designed attacks can halt a computer network and provide an element of surprise. In order to effectively minimise data breaches launched through USB ports, SMEs can either implement a USB device control or seek an outsourced solution.