Hardware Firewall for USB Devices

USB Device

This is one of the best low-cost security products to come along in a long time. Here’s why.

A few years ago, I attended a security conference sponsored by Ingram Micro (a large distributor of technology products, for those of you who may not be in the tech industry). One of the sessions I sat in on was a presentation by Ingram’s security team – the team that companies hire to do penetration testing of their networks and see how good their corporate security really is. One of the biggest challenges in IT security is that you are probably more at risk from an internal security breach – whether by malicious actions by an employee, or simple carelessness – than you are from being penetrated by an external attacker via the Internet. After all, most employees are not security experts, and often do things they shouldn’t do regardless of how diligently you try to educate them on proper security. So the penetration testing would typically include some kind of “social engineering” attack to trick employees into compromising security.

The first challenge, of course, is to get physical access to the company’s premises – but that turns out to not be very difficult. One of the things they would do after getting into the building would be to “seed” some USB sticks around – just leave a few laying around in break rooms and kitchen areas, drop a few in the parking lot, etc. These USB sticks would use the “autorun” function to install malware as soon as they were inserted in a PC device. This was almost 100% effective, as inevitably someone wouldn’t be able to resist picking up a free USB drive (even though they’re now dirt cheap at your local office superstore). As soon as they plug it in, BAM – they’re infected. And this doesn’t apply only to USB flash drives. Pretty much any USB device could be used as an attack vector: a keyboard, a mouse, a webcam, you name it.

Now, as ZDNet reports, it is possible to purchase a $60 hardware firewall that’s roughly the size of a typical USB flash drive, and that will block this kind of attack. You plug the firewall into your PC’s USB port, then plug the suspicious USB device (and any USB device should be suspicious if you don’t know where it came from) into the firewall.

Now, this won’t protect you against malware stored on the flash drive itself. In other words, if you explicitly install software from the flash drive, and it turns out that the software contains malicious code, you are still in trouble, unless your PC’s anti-malware software catches it. But it will protect you against exploits that are triggered simply by plugging the device in. That’s not a bad deal for $60.

Leave a Comment