Abstract image of a woman sitting on books and studying on a laptop

Overcoming USB (In)Security

Michael Boman, profile picture
Michael Boman

The document discusses the security risks associated with USB devices in organizations, including threats from disgruntled employees, careless handling of data, and malicious attacks. It emphasizes the need for protective measures like disabling USB ports, encrypting data, and raising awareness among employees. The presentation also highlights various tools and strategies for preventing unauthorized access and data loss.

Economy & FinanceTechnology
1 of 40
Downloaded 209 times
1
2
Most read
3
4
Most read
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
Overcoming USB (In)Security Michael Boman [email_address] http://www.michaelboman.org
Agenda The Removable Storage Problem The USB Attack Vector Protecting the Organization Against Disgruntled Employees Careless Employees Malicious Individuals Question and Answers
Agenda The Removable Storage Problem The USB Attack Vector Protecting the Organization Against Disgruntled Employees Careless Employees Malicious Individuals Question and Answers
Lost Data In The News Laptop stolen (May 2006) Held private information on 26 million veterans Class Action Lawsuit: $1,000 for each person! October 29, 2006 – Lost CD contains personal data for more than a quarter-million hospital patients. October 30, 2006 – US Federal Homeland Security Storage Drive on the Loose
Lost Data In The News November 20, 2006 – Stolen Laptop causes warning to 11 million UK customers November 22, 2006 – Laptops with UK Police Payroll Details Stolen April. 10, 2007 – Georgia Dept. of Community Health – Disk Missing
Agenda The Removable Storage Problem The USB Attack Vector Protecting the Organization Against Disgruntled Employees Careless Employees Malicious Individuals Question and Answers
The USB Attack Vector Disgruntled Employees Copy confidential data to personal USB device(s) Sell to competitors Blackmail the company Bring your customers to the next employer
The USB Attack Vector Careless Employees Storing confidential data on removable storage Which can be, and often is, lost or stolen
The USB Attack Vector Malicious Individuals Use USB devices as attack vector and toolbox as well as store stolen data on it
Agenda The Removable Storage Problem The USB Attack Vector Protecting the Organization Against Disgruntled Employees Careless Employees Malicious Individuals Question and Answers
Protecting Against Disgruntled Employees “Just Make A Policy That Forbids USB Devices”
USB Devices
USB Devices
USB Devices
USB Devices
USB Devices
USB Devices
USB Devices
USB Devices ? ?
USB Devices
USB Devices
Restricting USB Access Physically Disable USB ports Super-glue the USB port Encase the computer in secured cabinets Logically Disable USB ports Windows Group Policies 3rd Party Software
Super-Glue the USB port
Encase the computers in secured cabinets
Use software to disable USB Storage Devices
Agenda The Removable Storage Problem The USB Attack Vector Protecting the Organization Against Disgruntled Employees Careless Employees Malicious Individuals Question and Answers
Protecting Against Careless Employees What if there is valid business reasons to use USB storage devices?
Storing Data Securely Encrypt data TrueCrypt Free (Libre / Gratis) Open Source Software Cross-platform Windows Linux Various Commercial Offerings Exists
DEMO Truecrypt Enable your USB Device
Agenda The Removable Storage Problem The USB Attack Vector Protecting the Organization Against Disgruntled Employees Careless Employees Malicious Individuals Question and Answers
Background Information on U3 Enabled Drives
Exploiting USB Switchblade Silently recover information from a target Windows PCs, including password hashes, LSA secrets, IP information, etc...
Exploiting USB Hacksaw Automatically infect Windows PCs with a payload that will retrieve documents from USB drives plugged into the target machine and securely transmit them to an email account.
DEMO Hacking with USB drive
Additional Hardening Disable Autorun http://support.microsoft.com/kb/155217 Unfortunately there is no patch for human stupidity Awareness Training is a MUST
Don't forget Data Slurping
Agenda The Removable Storage Problem The USB Attack Vector Protecting the Organization Against Disgruntled Employees Careless Employees Malicious Individuals Question and Answers
Q & A If you got any questions, now is the time to ask them
Thank You! Slides are available at http://michaelboman.org under Creative Commons BY-NC-SA 3.0 License
References IntelliAdmin's USB Drive Disabler http://www.intelliadmin.com/blog/2007/01/disable-usb-flash-drives.html TrueCrypt http://www.truecrypt.org Switchblade http://www.hak5.org/wiki/USB_Switchblade Hacksaw http://www.hak5.org/wiki/USB_Hacksaw

More Related Content

ODP
USB (In)Security 2008-08-22
Michael Boman
 
PPT
USB flash drive security
jin88lin
 
PPTX
Secudrive
Insight Information Technology
 
PPTX
USB Defender Overview
Straff Wentworth
 
PDF
Portable storage device management
cseij
 
PPTX
Learn How to Detect, Prevent, and Replace the Use of USB Drives
SolarWinds
 
PPT
Computer and Network Security
Asif Raza
 
PPT
01-intro-thompson.ppt
MarcoAntonioSotoVera
 
USB (In)Security 2008-08-22
Michael Boman
 
USB flash drive security
jin88lin
 
Secudrive
Insight Information Technology
 
USB Defender Overview
Straff Wentworth
 
Portable storage device management
cseij
 
Learn How to Detect, Prevent, and Replace the Use of USB Drives
SolarWinds
 
Computer and Network Security
Asif Raza
 
01-intro-thompson.ppt
MarcoAntonioSotoVera
 

Similar to Overcoming USB (In)Security (20)

PPT
01-intro-thompson.ppt
SadiaMuqaddas
 
PPT
01-intro-thompson.ppt
ROHITCHHOKER3
 
PPTX
Cyber-savvy Cyber-safety
Tawose Olamide Timothy
 
PPTX
B3: Backup & its relevance
Revolucion
 
PDF
File000152
Desmond Devendran
 
PPT
Cybersafety basics
jeeva9948
 
PPTX
An introduction to cyber security by cyber security infotech pvt ltd(csi)
Cyber Security Infotech
 
PPT
Dev Abhijet Gagan Chaitanya VII-A ....Salwan public school
Devku45
 
PPTX
OpenTechTalks: Ethical hacking with Kali Linux (Tijl Deneut, UGent)
Avansa Mid- en Zuidwest
 
PPTX
2. rats (trojans) (cyber awareness series)
Isaac Feliciano
 
PDF
Usb
Ding Ma
 
TXT
Read me!
anntoneth
 
PDF
Cyber security
Arjun Chetry
 
PDF
Microcontroller mayhem - ECTF & USSS 2011
warezjoe
 
PPT
Computer Security Basics for UW-Madison Emeritus Faculty and Staff
Nicholas Davis
 
PPT
cybersafety_and_cyber_security_basics.ppt
pradnyakashikar4
 
PPT
Cyber security and safety
Dooremoore
 
PPT
Cybersafety basics.ppt cs
Vinay Soni
 
PDF
Commonwealth of Learning cybersecurity training for teachers | 2022
KharimMchatta
 
PPT
0290-cyber-security-basics, for biggners
comstarndt
 
01-intro-thompson.ppt
SadiaMuqaddas
 
01-intro-thompson.ppt
ROHITCHHOKER3
 
Cyber-savvy Cyber-safety
Tawose Olamide Timothy
 
B3: Backup & its relevance
Revolucion
 
File000152
Desmond Devendran
 
Cybersafety basics
jeeva9948
 
An introduction to cyber security by cyber security infotech pvt ltd(csi)
Cyber Security Infotech
 
Dev Abhijet Gagan Chaitanya VII-A ....Salwan public school
Devku45
 
OpenTechTalks: Ethical hacking with Kali Linux (Tijl Deneut, UGent)
Avansa Mid- en Zuidwest
 
2. rats (trojans) (cyber awareness series)
Isaac Feliciano
 
Usb
Ding Ma
 
Read me!
anntoneth
 
Cyber security
Arjun Chetry
 
Microcontroller mayhem - ECTF & USSS 2011
warezjoe
 
Computer Security Basics for UW-Madison Emeritus Faculty and Staff
Nicholas Davis
 
cybersafety_and_cyber_security_basics.ppt
pradnyakashikar4
 
Cyber security and safety
Dooremoore
 
Cybersafety basics.ppt cs
Vinay Soni
 
Commonwealth of Learning cybersecurity training for teachers | 2022
KharimMchatta
 
0290-cyber-security-basics, for biggners
comstarndt
 
Ad

More from Michael Boman (20)

PPTX
How to drive a malware analyst crazy
Michael Boman
 
PPTX
Indicators of compromise: From malware analysis to eradication
Michael Boman
 
ODP
44CON 2014: Using hadoop for malware, network, forensics and log analysis
Michael Boman
 
PDF
DEEPSEC 2013: Malware Datamining And Attribution
Michael Boman
 
PPT
44CON 2013 - Controlling a PC using Arduino
Michael Boman
 
PDF
Malware Analysis on a Shoestring Budget
Michael Boman
 
PPTX
Malware analysis as a hobby (Owasp Göteborg)
Michael Boman
 
PPTX
Malware Analysis as a Hobby
Michael Boman
 
PPTX
Malware analysis as a hobby - the short story (lightning talk)
Michael Boman
 
KEY
Sans och vett på Internet
Michael Boman
 
PDF
Blackhat USA 2011 - Cesar Cerrudo - Easy and quick vulnerability hunting in W...
Michael Boman
 
PPT
Hur man kan testa sin HTTPS-server
Michael Boman
 
PPT
OWASP AppSec Research 2010 - The State of SSL in the World
Michael Boman
 
PPTX
Enkla hackerknep för testare
Michael Boman
 
ODP
Privacy In Wireless Networks Keeping Your Private Data Private 2008-08-08
Michael Boman
 
ODP
Automatic Malware Analysis 2008-09-19
Michael Boman
 
PPT
Privacy in Wireless Networks
Michael Boman
 
PDF
Network Security Monitoring - Theory and Practice
Michael Boman
 
ODP
Introduction To Linux Security
Michael Boman
 
ODP
Snort
Michael Boman
 
How to drive a malware analyst crazy
Michael Boman
 
Indicators of compromise: From malware analysis to eradication
Michael Boman
 
44CON 2014: Using hadoop for malware, network, forensics and log analysis
Michael Boman
 
DEEPSEC 2013: Malware Datamining And Attribution
Michael Boman
 
44CON 2013 - Controlling a PC using Arduino
Michael Boman
 
Malware Analysis on a Shoestring Budget
Michael Boman
 
Malware analysis as a hobby (Owasp Göteborg)
Michael Boman
 
Malware Analysis as a Hobby
Michael Boman
 
Malware analysis as a hobby - the short story (lightning talk)
Michael Boman
 
Sans och vett på Internet
Michael Boman
 
Blackhat USA 2011 - Cesar Cerrudo - Easy and quick vulnerability hunting in W...
Michael Boman
 
Hur man kan testa sin HTTPS-server
Michael Boman
 
OWASP AppSec Research 2010 - The State of SSL in the World
Michael Boman
 
Enkla hackerknep för testare
Michael Boman
 
Privacy In Wireless Networks Keeping Your Private Data Private 2008-08-08
Michael Boman
 
Automatic Malware Analysis 2008-09-19
Michael Boman
 
Privacy in Wireless Networks
Michael Boman
 
Network Security Monitoring - Theory and Practice
Michael Boman
 
Introduction To Linux Security
Michael Boman
 
Snort
Michael Boman
 
Ad

Recently uploaded (20)

PPTX
_Cyber-Futuristic AI Technology Thesis Defense.pptx
himanshujain0707200
 
PDF
epic-retirement-criteria-for-funds (1).pdf
Henry Tapper
 
PPTX
Lecture on Perfect Competition of the course introduction to microeconomics
TaasinBinHossainAlvi1
 
PPTX
ratio analysis presentation for graduate
NaziaNaeemVisitingTe1
 
PDF
MPEDA Export License Apply Online for Seafood Export License in India.pdf
Ykg global
 
PPTX
Risk Based Audit - Key to managhe the bussines & Creating the value
AangSanjaya2
 
DOCX
Tiếng anh 7 Friends Plus_ Unit 3 _Final Test.docx
chumeomay950
 
PPT
Chapter 3-elasacity and its applications
MarcoPaoloAclan2
 
PDF
PHYSIOLOGICAL VALUE BASED PRIVACY PRESERVATION OF PATIENT’S DATA USING ELLIPT...
hiij
 
PPTX
Corporate Governance and Financial Decision-Making in Consumer Goods.pptx
mdgibuswa
 
PPTX
1. Set Theory - Academic AWellness 2024.pptx
yashvij2027
 
PPTX
Case study for Financial statements for Accounts
AGHILA6
 
PPT
Relevant Information & Alternative Choice Decisions
Adugna37
 
PDF
Chapterrrrrrrrrrrrrrrrrrrrrrrrr 2_AP.pdf
tkhanhha06
 
PPTX
BU22CSEN0300556_PPT.pptx presentation about
HrushikeshDandu
 
PPTX
Rise of Globalization...................
LuisMendez378584
 
PPTX
Premium Ch 6 Supply, Demand, and Government Policies.pptx
vinirwnk
 
PPTX
Integrated Digital Marketing and Supply Chain Model for.pptx
mdgibuswa
 
PPT
1_Chapter_1_Introduction_to_Auditing.ppt
SubrajaKarthikeyan
 
PDF
Income processes in Poland: An analysis based on GRID data
GRAPE
 
_Cyber-Futuristic AI Technology Thesis Defense.pptx
himanshujain0707200
 
epic-retirement-criteria-for-funds (1).pdf
Henry Tapper
 
Lecture on Perfect Competition of the course introduction to microeconomics
TaasinBinHossainAlvi1
 
ratio analysis presentation for graduate
NaziaNaeemVisitingTe1
 
MPEDA Export License Apply Online for Seafood Export License in India.pdf
Ykg global
 
Risk Based Audit - Key to managhe the bussines & Creating the value
AangSanjaya2
 
Tiếng anh 7 Friends Plus_ Unit 3 _Final Test.docx
chumeomay950
 
Chapter 3-elasacity and its applications
MarcoPaoloAclan2
 
PHYSIOLOGICAL VALUE BASED PRIVACY PRESERVATION OF PATIENT’S DATA USING ELLIPT...
hiij
 
Corporate Governance and Financial Decision-Making in Consumer Goods.pptx
mdgibuswa
 
1. Set Theory - Academic AWellness 2024.pptx
yashvij2027
 
Case study for Financial statements for Accounts
AGHILA6
 
Relevant Information & Alternative Choice Decisions
Adugna37
 
Chapterrrrrrrrrrrrrrrrrrrrrrrrr 2_AP.pdf
tkhanhha06
 
BU22CSEN0300556_PPT.pptx presentation about
HrushikeshDandu
 
Rise of Globalization...................
LuisMendez378584
 
Premium Ch 6 Supply, Demand, and Government Policies.pptx
vinirwnk
 
Integrated Digital Marketing and Supply Chain Model for.pptx
mdgibuswa
 
1_Chapter_1_Introduction_to_Auditing.ppt
SubrajaKarthikeyan
 
Income processes in Poland: An analysis based on GRID data
GRAPE
 

Overcoming USB (In)Security

  • 1. Overcoming USB (In)Security Michael Boman [email_address] http://www.michaelboman.org
  • 2. Agenda The Removable Storage Problem The USB Attack Vector Protecting the Organization Against Disgruntled Employees Careless Employees Malicious Individuals Question and Answers
  • 3. Agenda The Removable Storage Problem The USB Attack Vector Protecting the Organization Against Disgruntled Employees Careless Employees Malicious Individuals Question and Answers
  • 4. Lost Data In The News Laptop stolen (May 2006) Held private information on 26 million veterans Class Action Lawsuit: $1,000 for each person! October 29, 2006 – Lost CD contains personal data for more than a quarter-million hospital patients. October 30, 2006 – US Federal Homeland Security Storage Drive on the Loose
  • 5. Lost Data In The News November 20, 2006 – Stolen Laptop causes warning to 11 million UK customers November 22, 2006 – Laptops with UK Police Payroll Details Stolen April. 10, 2007 – Georgia Dept. of Community Health – Disk Missing
  • 6. Agenda The Removable Storage Problem The USB Attack Vector Protecting the Organization Against Disgruntled Employees Careless Employees Malicious Individuals Question and Answers
  • 7. The USB Attack Vector Disgruntled Employees Copy confidential data to personal USB device(s) Sell to competitors Blackmail the company Bring your customers to the next employer
  • 8. The USB Attack Vector Careless Employees Storing confidential data on removable storage Which can be, and often is, lost or stolen
  • 9. The USB Attack Vector Malicious Individuals Use USB devices as attack vector and toolbox as well as store stolen data on it
  • 10. Agenda The Removable Storage Problem The USB Attack Vector Protecting the Organization Against Disgruntled Employees Careless Employees Malicious Individuals Question and Answers
  • 11. Protecting Against Disgruntled Employees “Just Make A Policy That Forbids USB Devices”
  • 22. Restricting USB Access Physically Disable USB ports Super-glue the USB port Encase the computer in secured cabinets Logically Disable USB ports Windows Group Policies 3rd Party Software
  • 24. Encase the computers in secured cabinets
  • 25. Use software to disable USB Storage Devices
  • 26. Agenda The Removable Storage Problem The USB Attack Vector Protecting the Organization Against Disgruntled Employees Careless Employees Malicious Individuals Question and Answers
  • 27. Protecting Against Careless Employees What if there is valid business reasons to use USB storage devices?
  • 28. Storing Data Securely Encrypt data TrueCrypt Free (Libre / Gratis) Open Source Software Cross-platform Windows Linux Various Commercial Offerings Exists
  • 29. DEMO Truecrypt Enable your USB Device
  • 30. Agenda The Removable Storage Problem The USB Attack Vector Protecting the Organization Against Disgruntled Employees Careless Employees Malicious Individuals Question and Answers
  • 31. Background Information on U3 Enabled Drives
  • 32. Exploiting USB Switchblade Silently recover information from a target Windows PCs, including password hashes, LSA secrets, IP information, etc...
  • 33. Exploiting USB Hacksaw Automatically infect Windows PCs with a payload that will retrieve documents from USB drives plugged into the target machine and securely transmit them to an email account.
  • 34. DEMO Hacking with USB drive
  • 35. Additional Hardening Disable Autorun http://support.microsoft.com/kb/155217 Unfortunately there is no patch for human stupidity Awareness Training is a MUST
  • 36. Don't forget Data Slurping
  • 37. Agenda The Removable Storage Problem The USB Attack Vector Protecting the Organization Against Disgruntled Employees Careless Employees Malicious Individuals Question and Answers
  • 38. Q & A If you got any questions, now is the time to ask them
  • 39. Thank You! Slides are available at http://michaelboman.org under Creative Commons BY-NC-SA 3.0 License
  • 40. References IntelliAdmin's USB Drive Disabler http://www.intelliadmin.com/blog/2007/01/disable-usb-flash-drives.html TrueCrypt http://www.truecrypt.org Switchblade http://www.hak5.org/wiki/USB_Switchblade Hacksaw http://www.hak5.org/wiki/USB_Hacksaw

Editor's Notes

  • #2: Ladies and Gentlemen, Thank you for having me. I understand that I am between you and your lunch, so please bear with me while I will discuss a very important problem that is often overlooked. My name is Michael Boman and I am a IT Security Researcher and Developer with over 8 years experience in the field. My day job is to think up technical solutions to improve my employer's bottom line. But for fun I research IT security and privacy issues. My current projects includes automated malware analysis and turning a standard Linksys router into a powerful detection system for attacks on the Internet. Today I will share with you my findings and opinions on the risks associated with USB storage devices and removable storage in general.