advertisement

Overcoming USB (In)Security

0 %
100 %
advertisement
Information about Overcoming USB (In)Security

Published on October 24, 2007

Author: mboman

Source: slideshare.net

Description

This is the slides I used for my "Overcoming USB (In)Security" presentation at NextGen CyberCrime conference in Singapore
advertisement

Overcoming USB (In)Security Michael Boman [email_address] http://www.michaelboman.org

Michael Boman

[email_address]

http://www.michaelboman.org

Agenda The Removable Storage Problem The USB Attack Vector Protecting the Organization Against Disgruntled Employees Careless Employees Malicious Individuals Question and Answers

The Removable Storage Problem

The USB Attack Vector

Protecting the Organization Against

Disgruntled Employees

Careless Employees

Malicious Individuals

Question and Answers

Agenda The Removable Storage Problem The USB Attack Vector Protecting the Organization Against Disgruntled Employees Careless Employees Malicious Individuals Question and Answers

The Removable Storage Problem

The USB Attack Vector

Protecting the Organization Against

Disgruntled Employees

Careless Employees

Malicious Individuals

Question and Answers

Lost Data In The News Laptop stolen (May 2006) Held private information on 26 million veterans Class Action Lawsuit: $1,000 for each person! October 29, 2006 – Lost CD contains personal data for more than a quarter-million hospital patients. October 30, 2006 – US Federal Homeland Security Storage Drive on the Loose

Laptop stolen (May 2006) Held private information on 26 million veterans Class Action Lawsuit: $1,000 for each person!

October 29, 2006 – Lost CD contains personal data for more than a quarter-million hospital patients.

October 30, 2006 – US Federal Homeland Security Storage Drive on the Loose

Lost Data In The News November 20, 2006 – Stolen Laptop causes warning to 11 million UK customers November 22, 2006 – Laptops with UK Police Payroll Details Stolen April. 10, 2007 – Georgia Dept. of Community Health – Disk Missing

November 20, 2006 – Stolen Laptop causes warning to 11 million UK customers

November 22, 2006 – Laptops with UK Police Payroll Details Stolen

April. 10, 2007 – Georgia Dept. of Community Health – Disk Missing

Agenda The Removable Storage Problem The USB Attack Vector Protecting the Organization Against Disgruntled Employees Careless Employees Malicious Individuals Question and Answers

The Removable Storage Problem

The USB Attack Vector

Protecting the Organization Against

Disgruntled Employees

Careless Employees

Malicious Individuals

Question and Answers

The USB Attack Vector Disgruntled Employees Copy confidential data to personal USB device(s) Sell to competitors Blackmail the company Bring your customers to the next employer

Disgruntled Employees

Copy confidential data to personal USB device(s)

Sell to competitors

Blackmail the company

Bring your customers to the next employer

The USB Attack Vector Careless Employees Storing confidential data on removable storage Which can be, and often is, lost or stolen

Careless Employees

Storing confidential data on removable storage

Which can be, and often is, lost or stolen

The USB Attack Vector Malicious Individuals Use USB devices as attack vector and toolbox as well as store stolen data on it

Malicious Individuals

Use USB devices as attack vector and toolbox as well as store stolen data on it

Agenda The Removable Storage Problem The USB Attack Vector Protecting the Organization Against Disgruntled Employees Careless Employees Malicious Individuals Question and Answers

The Removable Storage Problem

The USB Attack Vector

Protecting the Organization Against

Disgruntled Employees

Careless Employees

Malicious Individuals

Question and Answers

Protecting Against Disgruntled Employees “Just Make A Policy That Forbids USB Devices”

“Just Make A Policy That Forbids USB Devices”

USB Devices

USB Devices

USB Devices

USB Devices

USB Devices

USB Devices

USB Devices

USB Devices ? ?

USB Devices

USB Devices

Restricting USB Access Physically Disable USB ports Super-glue the USB port Encase the computer in secured cabinets Logically Disable USB ports Windows Group Policies 3rd Party Software

Physically Disable USB ports

Super-glue the USB port

Encase the computer in secured cabinets

Logically Disable USB ports

Windows Group Policies

3rd Party Software

Super-Glue the USB port

Encase the computers in secured cabinets

Use software to disable USB Storage Devices

Agenda The Removable Storage Problem The USB Attack Vector Protecting the Organization Against Disgruntled Employees Careless Employees Malicious Individuals Question and Answers

The Removable Storage Problem

The USB Attack Vector

Protecting the Organization Against

Disgruntled Employees

Careless Employees

Malicious Individuals

Question and Answers

Protecting Against Careless Employees What if there is valid business reasons to use USB storage devices?

Storing Data Securely Encrypt data TrueCrypt Free (Libre / Gratis) Open Source Software Cross-platform Windows Linux Various Commercial Offerings Exists

Encrypt data

TrueCrypt

Free (Libre / Gratis) Open Source Software

Cross-platform

Windows

Linux

Various Commercial Offerings Exists

DEMO Truecrypt Enable your USB Device

Truecrypt Enable your USB Device

Agenda The Removable Storage Problem The USB Attack Vector Protecting the Organization Against Disgruntled Employees Careless Employees Malicious Individuals Question and Answers

The Removable Storage Problem

The USB Attack Vector

Protecting the Organization Against

Disgruntled Employees

Careless Employees

Malicious Individuals

Question and Answers

Background Information on U3 Enabled Drives

Exploiting USB Switchblade Silently recover information from a target Windows PCs, including password hashes, LSA secrets, IP information, etc...

Switchblade

Silently recover information from a target Windows PCs, including password hashes, LSA secrets, IP information, etc...

Exploiting USB Hacksaw Automatically infect Windows PCs with a payload that will retrieve documents from USB drives plugged into the target machine and securely transmit them to an email account.

Hacksaw

Automatically infect Windows PCs with a payload that will retrieve documents from USB drives plugged into the target machine and securely transmit them to an email account.

DEMO Hacking with USB drive

Hacking with USB drive

Additional Hardening Disable Autorun http://support.microsoft.com/kb/155217 Unfortunately there is no patch for human stupidity Awareness Training is a MUST

Disable Autorun

http://support.microsoft.com/kb/155217

Unfortunately there is no patch for human stupidity

Awareness Training is a MUST

Don't forget Data Slurping

Agenda The Removable Storage Problem The USB Attack Vector Protecting the Organization Against Disgruntled Employees Careless Employees Malicious Individuals Question and Answers

The Removable Storage Problem

The USB Attack Vector

Protecting the Organization Against

Disgruntled Employees

Careless Employees

Malicious Individuals

Question and Answers

Q & A If you got any questions, now is the time to ask them

If you got any questions, now is the time to ask them

Thank You! Slides are available at http://michaelboman.org under Creative Commons BY-NC-SA 3.0 License

Slides are available at http://michaelboman.org under Creative Commons BY-NC-SA 3.0 License

References IntelliAdmin's USB Drive Disabler http://www.intelliadmin.com/blog/2007/01/disable-usb-flash-drives.html TrueCrypt http://www.truecrypt.org Switchblade http://www.hak5.org/wiki/USB_Switchblade Hacksaw http://www.hak5.org/wiki/USB_Hacksaw

IntelliAdmin's USB Drive Disabler http://www.intelliadmin.com/blog/2007/01/disable-usb-flash-drives.html

TrueCrypt

http://www.truecrypt.org

Switchblade

http://www.hak5.org/wiki/USB_Switchblade

Hacksaw

http://www.hak5.org/wiki/USB_Hacksaw

Add a comment

Related pages

HP Blogs - Overcoming the Equation: Security = Friction ...

Overcoming the Equation: Security = Friction. ... We’re not done yet, though – badges for physical access, PKI, USB keys, SmartCards, soft certs, ...
Read more

Overcoming the USB stick is not detected in Windows - Tips ...

Genesis USB stick not detected maybe we’ve ever experienced, ranging from simple problems because of damage to its own USB devices. If you experience ...
Read more

Overcoming The Security/Business Conflict

Overcoming The Security/Business Conflict. ... "A lot of people implement hardware in the form of glue, such as locking down USB drives or CD-ROMs.
Read more

Overcome security issues in embedded systems | Embedded

Overcoming these design challenges has become crucial to embedded systems designers in ... such as with a USB thumb ... Security requirements can vary for ...
Read more

Understanding and overcoming cyber security anti-patterns

Understanding and overcoming cyber security anti-patterns. Klaus Julisch ... A hypothetical hacker drops a malware-infected USB stick in her target’s ...
Read more

Overcoming Wireless USB commercialization challenges

Wireless USB, also known as ... Overcoming Wireless USB commercialization challenges. ... Wireless SDR: overcoming next gen handset challenges;
Read more

Presentations & Papers - Michael Boman

Presentations & Papers. You can find my presentations at Slideshare. Malware Analysis on a shoe-string budget. ... Overcoming USB (In)Security. Presentation.
Read more

Overcoming Mobile Enterprise Security Challenges - SOTI - Home

Overcoming Mobile Enterprise Security Challenges WHITE PAPER. White Paper | www.SOTI.net We Manage Mobility
Read more