UK Researchers Invent Device to Thwart USB Malware


A team of researchers at a UK university have designed a new device, which they claim will mitigate the risk of malicious USB drives.

The “external scanning device” was designed at Liverpool Hope University and will soon go into production, having been granted a patent by the Indian government.

It has been engineered to overcome a major issue with operating systems — that if not configured correctly, they will trust all USBs regardless of what might be installed on them.

This could allow for the automatic transfer of malware from the thumb drive to the host PC.

However, the new device sits between the PC or laptop and USB stick, scanning the removable media for malware whilst disguising information about the computer so that it’s “nearly impossible” for any malicious code to infect the machine.

“Our invention safeguards the host computing device by providing an additional layer of hardware security, and by hiding the host operating system information. The disguised information effectively confuses the external memory device that is plugged into the computing device,” explained project lead, Shishir Kumar Shandilya.

“The invented device also scans the USB and decides the visibility and accessibility of the files present in USB devices at the host computer, giving either full access, partial access or a full block.”

Effectively, the new scanning device aims to “keep the malicious code busy” with a disguised OS, while it scans and categorizes the thumb drive.

The project is said to stem from a relatively new field known as Nature Inspired Cybersecurity (NICS), which takes ideas from the natural world and applies them to IT, to enhance cyber defense.

Shandilya, who is a visiting research fellow in Hope’s School of Mathematics, Computer Science and Engineering, claimed the team is in discussions with manufacturers about how to turn the full prototype into a commercially viable device.

Although not the threat they once were, USB-borne malware threats doubled in OT environments from 2019-2020, according to Honeywell.

There’s also a chance that the advent of hybrid working may lead to a resurgence in the use of thumb drives.

Products You May Like

Articles You May Like

THN Webinar: 3 Research-Backed Ways to Secure Your Identity Perimeter
Tick APT Group Hacked East Asian DLP Software Firm
Bitcoin ATM customers hacked by video upload that was actually an app
The slow Tick‑ing time bomb: Tick APT group compromise of a DLP software developer in East Asia
SVB collapse is a scammer’s dream: Don’t get caught out

Leave a Reply

Your email address will not be published. Required fields are marked *