USB Attacks Need Physical Access Right? Not Any More...

Presented at Black Hat Asia 2014, Unknown date/time (Unknown duration).

For a number of years I have been interested in USB host security, which can only be comprehensively tested using a combination of software and bespoke hardware to emulate various USB devices. After developing several different approaches to testing USB (which I've publicly discussed at various conferences), I have identified over 100 bugs covering all the major operating systems. The response from the vendors has often been along these lines: "thank you for the bug, but as you need physical access to plug in your rogue device, the impact is actually quite low." However, due to recent advances in a number of remoting technologies, USB attacks can now be launched over a network. The talk will describe how these technologies work, the resulting impact on the world of USB bugs and show a live demo remotely triggering a USB kernel bug in Windows 2012 server.


Presenters:

  • Andy Davis - NCC Group
    Andy is Research Director at NCC Group. He has worked in the Information Security industry for over 20 years, performing a range of security functions throughout his career. Prior to joining NCC Group, Andy held the positions of Head of Security Research at KPMG, UK and Chief Research Officer at IRM Plc. Before working in the private sector he worked for ten years performing various roles in Government. Recently, Andy has been leading security research projects into technologies such as embedded systems and hardware interface technologies and developing new techniques for software vulnerability discovery. Andy regularly presents at conferences such as Black Hat, CanSecWest, Infiltrate, and EUSecWest.

Links:

Similar Presentations: