
Published 6th September 2006
U3 applications take advantage of loophole in IT security...
The demand for information around the latest USB threats has reached its highest ever point, according to IT governance and security expert Centennial Software’s records. Security managers’ concerns were highlighted when visitors to the endpoint security vendor’s website rocketed by 1,000 per cent after it published a list of top USB hacking tools. This led to the post being referenced widely across the blogosphere, sending the URL to number one on link-sharing site del.icio.us.
Since then, Centennial has seen a huge surge in requests for details about the security threat posed by the latest gadgets. Daily unique visitor numbers have remained more than 300 per cent higher than last year’s average.
The sought-after facts outlined threats to the corporate network posed by the latest self-launching U3 technology that enables devices to automatically run the moment they are connected to a PC, making data theft easier than ever. Programs highlighted include password-cracking technology and a network-searching tool, which allows users to explore an entire network and identify vulnerabilities.
Site visitors soon started to recognise the threat posed by this new breed of USB drive and started linking to the story and referencing the information on their blogs.
“It was fascinating to see the extent of the public’s interest in this issue. Since the information was posted online we’ve seen a continual increase in demand for information around USB security threats,” said Matt Fisher, vice-president at Centennial. “As the technology has become increasingly affordable, it’s now commonplace to see portable media devices around the workplace. Organisations will see an influx of U3 drives as individuals upgrade to new devices with additional features.”
“By removing the need for human intervention, U3 drives make it even easier to steal or corrupt data without a trace. The realisation of this potential must be what initiated the surge in web traffic,” he added. “People were desperate to know more.”
The top USB hacks that gripped readers were as follows:
1. Slurp: a podslurping application that can copy vast amounts of company files in seconds
2. John the Ripper: detects and cracks weak passwords
3. Nmap: can explore an entire network and identify vulnerabilities and security technology
4. Ethereal: allows the user to see all traffic passing over a network – originally used for troubleshooting
5. Showtraf: continuously monitors and displays network traffic
6. TCPDump: enables the user to display and intercept TCP/IP addresses travelling across a network
7. Nemesis: intended to test intrusion detection systems, can enable the bypassing of security measures
8. Netpass: recovers passwords on various guarded areas of the network
“These hacking applications represent every CSO’s worst nightmare,” continued Fisher. “But there are answers. An effective acceptable usage policy on portable media devices can address the issue of employees bringing hacks into the office on gadgets such as USB sticks.”
“However, worryingly, many organisations are yet to put in place even basic measures to address the removable media threat: recent research has found that as many as three quarters of professionals don’t rate such devices as a top threat to their company network. This security black-hole is failing to be addressed and we believe that making people aware of what’s out there will help to correct this.”
In light of this, Centennial has provided a simplified overview of how these pieces of software, originally designed to help close security loopholes, are being harnessed for more sinister uses. This is available on www.watchyourend.com. The company is continuously updating the ‘threat list’ as and when new threats come to light.