According to an article posted Friday in Wired magazine, USB thumb drives aren’t just handy ways to move files and information from place to place, they’re also a massive security threat due to a fundamental flaw in their design.
A team of security researchers apparently created a malware program called BadUSB that, they say, proves that the fundemantal security features of every USB drive are effectively worthless, allowing the user to effectively take over a PC just by inserting the infected USB stick into it.
“These problems can’t be patched,” one of the researchers told Wired. “We’re exploiting the very way that USB is designed.”
They say there’s no way to fix the problem, short of eliminating USB drives from your daily life altogether, and there’s a chance that other USB-based peripherals — including keyboards, mice and smartphones — might offer the same vulnerability.
Clearly, in terms of corporate security and risk, this can of worms is just opening up.