To avoid some of the problems of malware and viruses, computer users rely on USB storage devices to keep physical backups of their information. However, this isn't a completely safe solution, according to an article on ThreatPost, because even these detachable devices are vulnerable to a serious security flaw. This means that only a cloud-based answer to legacy applications will entirely avoid these dangers.
Published earlier this month, the ThreatPost article refers to a huge defect in USB devices emphasized at this year's Black Hat conference. Brandon Wilson, a coder who helped demonstrate how USB's can be bypassed, told the source that any USB device, no matter what its intended function, can be hacked so a computer thinks it's something else.
This poses massive security hazards, because an imposter can then use the drive to fool the system it's infecting and use a hidden partition to exploit the host computer, among other actions.
"It's undetectable while it's happening," Wilson told the source. "The PC has no way of determining the difference. The way a PC determines the type of device all happens through the USB and code on the other device. Our ability to control that code means you cannot trust anything a USB device tells you."
While there have been some fixes released, Gizmodo reports that the firmware on these devices is responsible for the flaw, and that this is where the permanent solutions need to be focused. Another option is to utilize a legacy system modernization plan that will keep all information secure and let companies reduce the number of untrustworthy devices.