USB = Ultimate Security Breakdown?

December 13, 2005

Malicious code meets device

Wireless LANs and laptop computers are the current hot vectors for malicious code infections, but the recent appearance of malware in portable and personal devices does not bode well for security administrators. Infected PDAs syncing to a corporate computer could result in a scenario where malicious code is passed from device to machine to corporate network. It's also conceivable that future malware will seek out portable media solely for the purpose of proliferation.

Storage device meets mouse

The convergence of different computer components and technology could present the ultimate dilemma for security personnel.

Mice, keyboards and other components that are intrinsic to everyday computing, once combined with storage capabilities, are a potential Swiss Army knife for data thieves and insiders, and yet another threat vector for malicious code exploits. Unfortunately, most security organisations are still drowning in their battle against malicious code and vulnerability patching, keeping the focus on perimeter security technologies such as corporate firewalls, server anti-virus strategies and content filtering at the gateway.

While these measures are important and administrators must continue to lock things down at the network hub, the number of spokes coming out of that hub is growing exponentially. Many organisations have hundreds or thousands of machines hooked up to the network at any given time. When you factor in the possibility that very soon there could be multiple devices per PC, with unlimited access to the network, it presents a very sobering reality for security personnel.

There are immediate steps that companies can take that will go a long way toward solving this problem, including a “white list” approach to block unsanctioned devices, applications and executable files from all corporate machines. Until these types of measures are implemented, USB devices will continue to be the weakness in perimeter security's Maginot Line, offering a relatively easy and tempting way for wayward insiders and malicious code writers to hurt government agencies and organisations.

A major step toward solving this problem will be software that enforces USB policy on each and every machine, with the granularity to recognise user privileges and individual models and makes of USB device before allowing these devices to access the network. In this way, we can halt the egress of data and prevent infection via the USB, turning a potential ultimate security breach into an unbreakable security barrier.
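The white-list policy described above can be sketched as a default-deny check keyed on user role, make/model and the interface classes a device exposes. This is an added example, not code from the article or from any product; the roles, vendor/product IDs and policy table are constructed placeholders, while the two class codes are the standard USB base classes for HID and mass storage.

```python
from dataclasses import dataclass

# Standard USB base class codes: 0x03 = HID (mouse, keyboard), 0x08 = mass storage.
HID, MASS_STORAGE = 0x03, 0x08

@dataclass(frozen=True)
class Device:
    vendor_id: int      # the "make"
    product_id: int     # the "model"
    interfaces: tuple   # base class code of every interface the device exposes

# Constructed policy: role -> {(vendor_id, product_id): permitted interface classes}.
# Anything not listed is denied (white list, default deny).
POLICY = {
    "staff": {(0x1111, 0x0001): {HID}},
    "backup-operator": {(0x1111, 0x0001): {HID},
                        (0x2222, 0x0010): {MASS_STORAGE}},
}

def evaluate(role, dev):
    """Return (allowed, reason); every exposed interface must be sanctioned."""
    permitted = POLICY.get(role, {}).get((dev.vendor_id, dev.product_id))
    if permitted is None:
        return False, "make/model not on white list for role"
    extra = sorted(set(dev.interfaces) - permitted)
    if extra:
        # Covers the "storage device meets mouse" case: a sanctioned model
        # that also presents a storage interface is refused as a whole.
        classes = ", ".join(f"0x{c:02x}" for c in extra)
        return False, "unsanctioned interface class: " + classes
    return True, "ok"

# Constructed sample devices (IDs are placeholders, not real products).
PLAIN_MOUSE = Device(0x1111, 0x0001, (HID,))
MOUSE_WITH_STORAGE = Device(0x1111, 0x0001, (HID, MASS_STORAGE))
BACKUP_DRIVE = Device(0x2222, 0x0010, (MASS_STORAGE,))
UNKNOWN_STICK = Device(0x3333, 0x0099, (MASS_STORAGE,))

if __name__ == "__main__":
    samples = {"plain mouse": PLAIN_MOUSE, "mouse+storage": MOUSE_WITH_STORAGE,
               "backup drive": BACKUP_DRIVE, "unknown stick": UNKNOWN_STICK}
    for role in ("staff", "backup-operator", "contractor"):
        for name, dev in samples.items():
            ok, reason = evaluate(role, dev)
            print(f"{role:16} {name:14} {'ALLOW' if ok else 'DENY':5} {reason}")
```

Vendor and product IDs are reported by the device itself, so an enforcement agent would normally pair a check like this with serial numbers or other controls.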
