This Killer USB Drive Will Fry Your Laptop
Do you know the USB devices we carry each day can be converted into a bomb? You must be thinking like “yeah whatever.”
No, it’s true, a researcher just showed how a USB can be converted into a killer USB that can kill your whole PC within seconds.
Though, this is not the first time such a USB has been demonstrated. In March, the same researcher showed that a USB can cause harm to vital components of a system if plugged in. But, this time around the USB he demonstrated was significantly more powerful and was named as “Dark Purple”
The USB has been developed with a DC/DC converter, caps and FET. On plugging, the DC/DC converter charges the USB to -220V in the new version (in the old version it was -110V). This voltage is applied to the signal lines of the USB interface.
The process repeats itself until all the components of the PC are destroyed.
What’s more troubling about the version 2.0 is that the reaction rate is much more than the earlier version, which allows it to destroy the whole system within few seconds.
During the demonstration, the researcher lost his new laptop. This is what he said after the demonstration:
“Do not worry about the laptop, the new motherboard is on the way – and the laptop will live again,” He specifically bought new laptop (Lenovo Thinkpad X60) just for this experiment, according to the researcher’s blog post.
This is not the first time a USB has been used as a weapon. USB drives have been used many times for compromising systems in air-gapped networks.
Stuxnet worm is the best example in the recent past when a USB drive was used as a weapon. Stuxnet worm was designed to destroy centrifuges at a nuclear facility.
So, our advice for you would be to be very careful while using anyone’s USB (better still, do not use anyone’s USB in your system), as one wrong step on your side can put all your data on risk.
If you need any type of USB or memory stick recovery, please don’t hesitate to contact us on 0800 999 3282 for a free no obligation quote!
52% of small businesses do nothing to stop cybercrime
Says a study looking at small business around the UK, even with awareness of cybercrime on the rise, a sizeable proportion of the UK’s small businesses are doing nothing whatsoever to avoid falling victim to a data breach.
A new study from CSID, published on July 8th, which showed that more than half (52 per cent) of the UK’s small business “are not taking any preventative measures to protect themselves against cybercrime”.
Furthermore, the company found that 85 per cent of small businesses have no plans to increase their spending on data security in the future, leaving their risk of data loss unmitigated.
To illustrate the severity of the threat, CISD set up an online presence for a fictitious business called Jomoco and had two fabricated employees accidentally leak sensitive data.
It took hackers just one hour to exploit this information and lock the employees out of their email and social media accounts, as well as deface the Jomoco website.
“Understanding and educating employees about the security threats associated with establishing and running a business should be the first step in mitigating (cyber) risk,” said Andy Thomas, managing director of the company’s European division, in response to the findings.
Complex data recovery requires expertise. Speak to the data recovery industry pioneers at Kroll Ontrack for free advice to investigate options to recover from any data loss type, system or cause.
We can support and advise you on any type of complex data recovery for your business plu our advise is FREE, please don’t hesitate to contact us on 0800 999 3282 for a free no obligation quote.
11-year-old girl sets up business selling secure passwords
Sixth-grader Mira Modi has started her own business making cryptographically secure passwords using a system called Diceware.
Weak passwords are still the plague of the cybersecurity industry, with the most popular passwords of 2014 including “123456”, “password” and “qwerty”, making it easy for hackers to break into accounts and steal data. Now an 11-year-old girl from New York is offering a solution.
Sixth-grader Mira Modi has started her own business making cryptographically secure passwords and selling them for $2 a pop. She generates the passwords using a system called Diceware to create strings of words that are easy to remember but difficult to crack.
The system involves rolling a die to generate random numbers, which are matched to a list of short words from the Diceware dictionary. Those words are then combined into a non-sensical string, such as: alger klm curry blond puck horse.
These six-word passphrases contain a lot of “entropy”, or randomness, which means that it would take a powerful computer a very long time to correctly guess them. They are also easier to memorise than strings of individual characters.
Miss Modi is the daughter of ProPublica journalist Julia Angwin, author of Dragnet Nation. As part of her research for the book, Angwin employed her daughter to generate Diceware passphrases, and Modi had the idea to turn it into a small business, according to Ars Technica.
“I started this business because my mom was too lazy to roll dice so many times, so she paid me to make roll dice and make passwords for her. Then I realized that other people wanted them, too,” wrote Miss Modi on her website.
“I personally find that my Diceware passwords are surprisingly easy to remember. However, I only use a few Diceware passwords for important accounts. I use a password manager, 1Password, to create and store passwords for my less-important accounts.”
Diceware generated password, sent by US Postal MailDiceware generated password, sent by US Postal Mail.
She added that once her customers receive their hand-written passphrases in the post, they should make some small changes such as capitalising letters or adding symbols such as exclamation marks, to ensure they are truly unique.
The risk of using weak passwords has come to light in recent months, after hackers gained access to the entire database of Ashley Madison, a dating website for people who want to have affairs, and posted the names of all 37m users on the internet.
The most common passwords for the site were “123456”, “12345”, “password” and “default”. Other notable passwords included “ashley”, “ashleymadison” and “696969”.
However, even strong passwords are no guarantee against data breach. TalkTalk customers are being urged to change their passwords, and any passwords that are the same as their TalkTalk password, following last week’s cyber attack.
Security Pros Pessimistic About Ransomware Data Recovery
In most cases, security experts believe they wouldn’t be able to recover from a ransomware attack without losing critical data.
Those are the results of a survey conducted by endpoint protection provider Tripwire, during the recently held RSA Conference 2016.
During the conference, 200 IT security professionals were asked if their company could recover from a ransomware attack without losing critical data. Unfortunately, just 38 per cent answered positively, saying they were ‘very confident’ in doing so.
“The decision to pay a ransom comes down to the confidence and financial cost of recreating or restoring data from a previous backup,” said Travis Smith, senior security researcher for Tripwire. “Since most ransomware samples we have seen have a time limit to pay, it’s important to have confidence that you can restore the majority of data on short notice. Organizations should focus on improving backup and restoration procedures to reduce the cost of restoring data and services after a potential breach.”
According to 73 per cent of polled security experts, critical infrastructure providers are more vulnerable to these types of attacks than the rest of us, while 52 per cent said they don’t think their executives could spot a phishing attempt.
Spear phishing in the past 12 months has risen, according to 58 per cent of polled experts.
Ransomware has become extremely popular lately, becoming the top threat for mobile devices, according to a recent Blue Coat Systems Malware Report.
Not even Apple’s systems are safe any more, and security experts are urging everyone to be careful when opening attachments and keep backup copies of business critical data.