Universal serial bus (USB) drives are today's most convenient portable data storage devices. But you should be careful of that cute-looking USB drive. In addition to carrying malware, a USB drive can also work as a USB killer to damage your PC permanently.
How does a USB killer work, and what can you do to prevent it?
What Is a USB Killer?
As the term suggests, a USB killer is a modified USB drive that can damage or destroy a device when you insert it into the device's USB port.
✕ Remove Ads
To achieve its objective, a USB killer repeatedly supplies a voltage surge (210–220 volts) to the connected device. As a USB port is designed to handle only 5 volts, this repeated high-voltage power surge damages the host device's electrical system beyond repair.
The first USB killer was reportedly created by a Russian computer researcher working under the pseudonym "Dark Purple." And the idea behind designing it was to test how well a digital device could withstand power surges.
However, computer manufacturers and penetration testers don't use USB killers for this purpose.
✕ Remove Ads
Instead, cybercriminals employ USB killers to damage victims' computers. They can easily buy a USB Kill device for as low as $3.
What's worse, cybercriminals can modify simple USB ionic air purifiers easily to work as USB killers.
How a USB Killer Stick Works
A USB killer device has many capacitors to save electrical energy. When you connect it to a computer, it takes power from the USB port to fill up its capacitors.
Once the USB kill is fully powered up, it empties its power (200 volts or more) all at once back through the data lines of the same USB port. This destroys the host device as data pins are designed to handle a tiny amount of voltage, just enough to send and receive signals.
Today, USB killers have evolved from simple plug-and-zap devices into powerful killers with advanced functionality.
For example, cybercriminals can now buy a USB killer with an internal rechargeable battery. Such a USB killer can destroy the host device even when the device is turned off.
✕ Remove Ads
Some advanced attack modes of today's USB killer include:
- Remote trigger: Someone can initiate an attack via a remote control.
- Timed attack: A cybercriminal can schedule a date and time to trigger the attack.
- Smartphone trigger: One can manage attacks via an Android or Apple smartphone.
Also, threat actors can easily get various adapters to kill devices via display port, HDMI port, micro USB, and more.
A former US student of St. Rose destroyed 59 computers, seven computer monitors, and computer-enhanced podiums using a USB Killer. His criminal act damaged equipment worth $51,109. And employee time for investigating and replacing damaged equipment cost $7,362.
USB Killers are sold commercially online, so one can quickly get one's hands on them.
So take the necessary steps to protect your devices from USB killer attacks.
✕ Remove Ads
Can You Detect a USB Killer Device?
Unfortunately, you cannot distinguish a USB drive from a USB killer just by looking at it. You have to open the case of a USB drive to make that determination. A typical USB Killer has several capacitors to store power from a USB port.
If you want to assess whether a USB drive is a USB Killer or not without opening its case, you will require a USB killer detector.
However, a USB you just found in your parking garage could have been left there strategically to carry out a USB drop attack.
So don't plug in an unknown USB drive to your computer even if a USB Killer detector rules out it being harmful.
How to Protect Against a USB Killer Attack
Here are a few ways to secure your hardware from USB killer attacks.
✕ Remove Ads
Prohibit the Use of Unknown USB Drives
Unknown USB drives pose a severe security threat to businesses and individuals equally. But, still, people plug in USB drives they find randomly.
Researchers from the University of Michigan, the University of Illinois Urbana-Champaign, and Google spread around 297 USB flash drives on a university campus. In their published results, they report that 45 percent of USB drives were picked up and opened.
So there is no surprise that cybercriminals use USB drives to carry out USB drop attacks and USB Killer attacks. And the best way to protect from these USB-related threats is to prohibit your employees from opening each and every USB drive whose origin is unknown.
✕ Remove Ads
Physically Cover USB Ports With USB Caps
Physically capping USB ports is a low-tech solution to prevent USB killer attacks. This is the only way to physically prevent harmful USB drives from being inserted into devices.
Make a policy against removing USB caps from their devices. Employees who need to insert a company-owned USB device must inform the IT department and get the caps removed by the IT admin. Once there is no need for open USB ports, USB caps should be placed again.
Though disabling USB ports doesn’t prevent USB Killer attacks, it can be a good strategy to prevent other USB attacks. Here is how you can disable USB ports on your Windows PC:
- Press Windows + X, and then click on the Device Manager tab.
- Double-click on the Universal Serial Bus Controllers option to expand it.
- Right-click on the USB port to open the context menu. Then, click on the Disable option.
✕ Remove Ads
Go to Device Manager > Universal Serial Bus Controller, and right-click on the USB port to open the context menu. Select the Enable option to enable USB ports on your PC again.
If you must keep a USB port open, use a type C port, as it offers cryptographic authentication to ensure no inappropriate power or data is transferred to the device.
Apple's latest operating system automatically blocks new USB-C devices from communicating with the operating system until a user approves the devices.
Train Your Employees
Your employees play the most crucial role in preventing USB Killers from damaging your PC.
So run cybersecurity awareness training programs regularly in your company. Make your employees understand how dangerous plugging in an unknown USB drive into a company's computer can be.
✕ Remove Ads
They should be aware of disguised USB Killers, such as USB ionic air purifiers. Also, you can regularly check your employees' preparedness to fight USB Killers by leaving USB drives on your company premises.
USB Killer Attack Explained
USB Killers are dangerous. Once you plug it into a USB port, it will destroy a PC quickly. And the best way to prevent USB Killers from damaging PCs is to never use unknown USB drives on computers. Adhering to the best cybersecurity practices will offer optimum protection from most USB-related attacks. You can also have USB ports disabled and physically capped in your company for 100 percent protection.