Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


10:00 AM
VP Pai
VP Pai
Connect Directly
E-Mail vvv

Rule of Thumb: USB Killers Pose Real Threat

They look just like a USB thumb drive, but instead of storing data, they can be used to destroy it and the device the data is saved on.

Authorities are closing in. The double spy needs to destroy the data and bail before authorities get into the room or he’ll be finished. As they get closer, he plugs a small gadget into the computer, which instantly starts zapping and smoking. The spy climbs out the window to his escape.

It's a movie scene most of us have seen in one form or another. Nowadays, almost anyone can destroy a computer with just a simple online purchase.

The weapon? A Universal Serial Bus (USB) Killer. It looks just like a USB thumb drive, but instead of storing data, it can be used to destroy it and the device the data is saved on. The USB Killer does this by sending high-voltage power surges into the device once it's connected.

Makers of USB Killers say they sell them so people or companies interested in testing their devices for protection against such attacks can do so. But that also means anyone with ill intent can just as easily acquire one.

For example, in April 2019 a former student of the College of Saint Rose in upstate New York, pled guilty to destroying 59 computers at the college campus using a USB Killer. This little device caused some $50,000 in destruction. According to other sources, he also destroyed seven computer monitors and computer-enhanced podiums.

In addition, according to June 2019 research from Dell and Forrester Research, nearly half of companies surveyed had experienced a hardware-level attack in the 12 months prior. Of these attacks, nearly half were internal incidents and the result of accidental or user error, an attack involving a business partner, an attack within the organization, or a malicious internal threat.

How a USB Killer Works
USB Killers are based on a prototype allegedly designed by a Russian researcher, Dark Purple, with the purported intention to destroy sensitive components on any computer. When a USB Killer device is plugged into a USB port, it collects power into its own capacitors from the USB power source of the devices. It does so until it reaches a high voltage. When it's done, it discharges the collected high voltage negative 220 volts onto the USB data pins. It's estimated the currently available USB Killers can generate a voltage of 215 to 220 volts. This damages or destroys the circuitry of the host device. 

This collection of high voltage in its capacitors happens rapidly. In addition, the charge/discharge cycle repeats many times per second so long as it remains connected and hasn't destroyed the device to the point it can't charge itself.

As a result of this process, practically any unprotected device is likely to succumb to the high voltage attack. USB sticks have long been used as a delivery mechanism for ill will, including to infect systems with viruses. This is likely because they are simple and cheap to design and acquire. They are also commonly used by unsuspecting people to store and transfer data.

Stopping a USB Killer
Supposedly, creators of the USB specification have addressed the vulnerabilities of a USB Killer with a new software-based cryptographic authentication protocol. This is for USB-C authentication and would help protect against such an attack by preventing unauthorized USB connections. However, there are already claims this protocol can be bypassed.

Device designers do have some options to include more hardware-based circuit protection. (Editor's note: The author's company is one of several providers of circuit protection components.) However, in many cases, designers unfortunately opt to save the extra pennies per device it would cost to do so. Still, extra circuit protection is highly beneficial in key markets — for example, in the medical device market, where a system's uptime can be life or death. In addition, some aircraft electronic systems have USB interface ports, and a person could easily damage the entire passenger infotainment system on a plane and any third-party device that is connected to the same USB line. Industrial or building systems equipment that is susceptible to disgruntled employee backlashes might also be a worthwhile target for extra circuit protection.

System designers can take some immediate steps to protecting their hardware by disabling unused USB ports or capping them so they’re more difficult to use. Some companies have also attempted to ban external media used on internal company systems. One reason: Employees often use USB memory sticks to take a file with them to work on at home. However, if not properly administered it can also lead employees to upload files to the cloud, which brings about additional security concerns.

From the cost of damage to physical systems to the risk of losing critical data, the threat posed by USB Killers is very real. Don't let your organization become the basis for the next blockbuster movie.

Check out The Edge, Dark Reading's new section for features, threat data, and in-depth perspectives. Today's featured story: "How InfoSec Pros Can Help Healthcare During the Coronavirus Pandemic."

VP Pai is vice president of ProTek Devices. Prior, he worked at Intersil and Harris Semiconductor in various senior management roles. He has been in the semiconductor industry since 1978. View Full Bio

Recommended Reading:

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Inside the Ransomware Campaigns Targeting Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/2/2021
Beyond MITRE ATT&CK: The Case for a New Cyber Kill Chain
Rik Turner, Principal Analyst, Infrastructure Solutions, Omdia,  3/30/2021
Register for Dark Reading Newsletters
White Papers
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2021-04-10
Valve Steam through 2021-04-10, when a Source engine game is installed, allows remote authenticated users to execute arbitrary code because of a buffer overflow that occurs for a Steam invite after one click.
PUBLISHED: 2021-04-10
A command execution vulnerability in SonicWall GMS 9.3 allows a remote unauthenticated attacker to locally escalate privilege to root.
PUBLISHED: 2021-04-09
Zoom Chat through 2021-04-09 on Windows and macOS allows certain remote authenticated attackers to execute arbitrary code without user interaction. An attacker must be within the same organization, or an external party who has been accepted as a contact. NOTE: this is specific to the Zoom Chat softw...
PUBLISHED: 2021-04-09
Use after free in screen sharing in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
PUBLISHED: 2021-04-09
Use after free in V8 in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.