Partner Perspectives  Connecting marketers to our tech communities.
12/6/2016
12:50 PM
Matthew Rosenquist
Matthew Rosenquist
Partner Perspectives
50%
50%

PoisonTap USB Device Can Hack A Locked PC In A Minute

This is just one example of an emerging technology that enables anyone with physical access to a computer's USB port to potentially harvest data and gain access by spoofing an Internet ecosystem.

PoisonTap is a fully automated proof-of-concept USB device that, when connected to a locked PC, hacks the device and installs a backdoor onto the user’s PC, allowing the attacker to access the victim’s online activities. It takes less than a minute and costs about $5.

Coffee In The Café

Imagine you are in the popular café near your workplace where everyone tends to frequent, and you get up to refresh your drink. Being security conscious, you lock your laptop before you get up. Gone for only two minutes, it was enough for a smooth attacker to come by and slyly insert a small device into your laptop’s USB drive and then moments later remove it and walk away without anyone suspecting foul play. You return to your locked PC none the wiser and continue to work, never knowing you have just been hacked.

Security researcher Samy Kamkar built the working proof-of-concept (POC) on Raspberry Pi Zero and Node.JS. When installed, it siphons cookies, exposes internal routers, and installs a Web backdoor.

USB ports and drives have always been an infection point for malware to gain a foothold on computers. The reason for this is that most computers will install plug-and-play drivers for USB devices without much scrutiny. This trust can be taken advantage of by hackers who present less-than-secure drivers as a way to get in. With access to the USB port, credentials can be stolen even when the screen is locked. Current exploits can work against Windows, OSx, and Linux operating systems.

Protecting Devices

A new generation of hacking USB drives is being developed, putting all of our PCs at risk while we step away for a moment or are distracted. They will get more powerful and virulent over time. Professionals are at risk while at conferences, meetings, coffee shops, and other venues where potentially untrustworthy people are present. It could happen in public, while at a customer’s site, or even in your own work office. It can take as little as 13 seconds and in many cases less than a minute to compromise a system and install a backdoor for remote access by the attacker.

PoisonTap is just one example of an emerging technology that enables anyone with physical access to a computer’s USB port to potentially harvest data and gain access by spoofing an Internet ecosystem. Such bold and scary attacks highlight the need to incorporate both improved physical security and cybersecurity aspects to properly manage the evolving risks.

Interested in more? Follow me on Twitter (@Matt_Rosenquist) and LinkedIn to hear insights and what is going on in cybersecurity.

Matthew Rosenquist is a cybersecurity strategist for Intel and benefits from 25 years in the field of security. He specializes in strategy, measuring value, and developing cost-effective capabilities and organizations that deliver optimal levels of security. Matthew helped ... View Full Bio
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
oxitech239
50%
50%
oxitech239,
User Rank: Apprentice
12/7/2016 | 9:39:34 AM
mostly F.U.D.
PoisonTap is yet another sad example of the growing lack of know-how on security in the security news industry. Or should i say, sensationmaking news.

PoisonTap is harder to pull-off than you'd expect and much easier to counter than one would expect.

It's shame even security fell to newsmaking and reputationcultivation.
Veterans Find New Roles in Enterprise Cybersecurity
Kelly Sheridan, Staff Editor, Dark Reading,  11/12/2018
Empathy: The Next Killer App for Cybersecurity?
Shay Colson, CISSP, Senior Manager, CyberClarity360,  11/13/2018
Understanding Evil Twin AP Attacks and How to Prevent Them
Ryan Orsi, Director of Product Management for Wi-Fi at WatchGuard Technologies,  11/14/2018
Register for Dark Reading Newsletters
Partner Perspectives
What's This?
In a digital world inundated with advanced security threats, Intel Security seeks to transform how we live and work to keep our information secure. Through hardware and software development, Intel Security delivers robust solutions that integrate security into every layer of every digital device. In combining the security expertise of McAfee with the innovation, performance, and trust of Intel, this vision becomes a reality.

As we rely on technology to enhance our everyday and business life, we must too consider the security of the intellectual property and confidential data that is housed on these devices. As we increase the number of devices we use, we increase the number of gateways and opportunity for security threats. Intel Security takes the “security connected” approach to ensure that every device is secure, and that all security solutions are seamlessly integrated.
Featured Writers
White Papers
Video
Cartoon
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-15769
PUBLISHED: 2018-11-16
RSA BSAFE Micro Edition Suite versions prior to 4.0.11 (in 4.0.x series) and versions prior to 4.1.6.2 (in 4.1.x series) contain a key management error issue. A malicious TLS server could potentially cause a Denial Of Service (DoS) on TLS clients during the handshake when a very large prime value is...
CVE-2018-18955
PUBLISHED: 2018-11-16
In the Linux kernel 4.15.x through 4.19.x before 4.19.2, map_write() in kernel/user_namespace.c allows privilege escalation because it mishandles nested user namespaces with more than 5 UID or GID ranges. A user who has CAP_SYS_ADMIN in an affected user namespace can bypass access controls on resour...
CVE-2018-19311
PUBLISHED: 2018-11-16
Centreon 3.4.x allows XSS via the Service field to the main.php?p=20201 URI, as demonstrated by the "Monitoring > Status Details > Services" screen.
CVE-2018-19312
PUBLISHED: 2018-11-16
Centreon 3.4.x allows SQL Injection via the searchVM parameter to the main.php?p=20408 URI.
CVE-2018-19318
PUBLISHED: 2018-11-16
SRCMS 3.0.0 allows CSRF via admin.php?m=Admin&c=manager&a=update to change the username and password of the super administrator account.