Thursday, September 15, 2016

Security Director Alert: USB Sabotage Kills Devices in Split-Second - Only $49.95

For just a few bucks, you can pick up a USB stick that destroys almost anything that it's plugged into. Laptops, PCs, televisions, photo booths -- you name it.

Once a proof-of-concept, the pocket-sized USB stick now fits in any security tester's repertoire of tools and hacks, says the Hong Kong-based company that developed it.

It works like this: when the USB Kill stick is plugged in, it rapidly charges its capacitors from the USB power supply, and then discharges -- all in the matter of seconds.

On unprotected equipment, the device's makers say it will "instantly and permanently disable unprotected hardware"...

The lesson here is simple enough. If a device has an exposed USB port -- such as a copy machine or even an airline entertainment system -- it can be used and abused, not just by a hacker or malicious actor, but also electrical attacks.

"Any public facing USB port should be considered an attack vector," says the company. "In data security, these ports are often locked down to prevent exfiltration of data, or infiltration of malware, but are very often unprotected against electrical attack."

Not every device is vulnerable to a USB Kill attack. The device maker said that Apple "voluntarily" protected its hardware. more

From strongly condems malicious use of its products.
The USB Killer is developed and sold as a testing device. Use of the device can permanently damage hardware. Customers agree to the terms and conditions of sale, and acknowledge the consequences of use.

In a nutshell, users are responsible for their acts.
A hammer used maliciously can permanently damage to a third party's device. The USB Killer, used maliciously, can permanently damage a third party's device.

As with any tool, it is the individual, not the manufacturer of the tool, responsible for how the individual uses the tool.

The USB Killer was used on our equipment
Please see above. We suggest pursuing the individual responsible, or reporting the act to the appropriate authorities.

This is only one spy trick. 
We know hundreds more.  
Call us for a TSCM / Information Security Survey.