All of us have done that sometimes. Even if the computer notices that the device must be removed safely, we disconnect the USB input without cautions to save time. Almost never happens, but when we talk about other environments, or large-scale projects, it can cost us great displeasure. Months of work and very valuable information goes directly to the trash, with no possibility of recovering it. And that is something that many professionals can not afford.
After years of experience in large companies from different sectors, Jorge Vega, Estefanía Soto and María Cobas came together to make authUSB a reality, a spin-off that is now a consolidated project with a great future ahead of it. “The idea arose in response to the need of a customer in a critical industrial sector to make the entries of physical external storage devices more secure, something simple and complicated at the same time, since traditional media, such as antivirus, only protect against malware”, explain Vega, Soto and Cobas.
The idea of authUSB has received an important boost in the fifth edition of ViaGalicia, the accelerator of companies of the Axencia Galega de Innovación and the Consorcio Zona Franca de Vigo. “For us it was a before and an after, we were trained by great professionals from all fields, and we shared six months with projects that we have learned a lot from, it was very enriching, personally and professionally”.
What harm can a USB device do?
To explain the risks that can come through these storage devices, the authUSB team compares the situation with what can happen through email. “Just as we do not open an attachment from someone we do not know, we should not connect a USB stick to our computer that has not been under our control, it’s a lottery if we do it,” they explain.
Thus, the pendrives, external hard drives, chargers, mice or any other device are a potential threat in itself. “Many times the danger is in the continent, not in the content, the threat is the external memory itself and not the malicious programs it may contain, and in this case, no antivirus can act,” say the creators of authUSB.
There are three levels of threats in USB devices, but antivirus only serve to neutralize one of them: malware. This type of infections are known as trojans, worms or viruses, which affect the operating system through software, disguised as legitimate applications and harmless in theory.
Not so much, there are also hardware level attacks, known as BadUSB, where the device itself infects the computer. “They can modify the configuration of the equipment emulating, for example, the keyboards, with command commands that are executed when the USB is inserted or also intervening network cards that intercept communications.
And, in addition to this, there is a third type of attack at the electrical level. The so-called USB Killer are capable of inducing discharges of up to 220 volts in the equipment, so they “kill” them instantly.
And they are not, according to authUSB, very rare cases. “They are simple attacks, and simpler than we might think, in large corporate structures, they range from a disgruntled employee to an oversight for introducing a memory that we happen to meet, and this can generate real chaos.”
To avoid mishaps, the authUSB SafeDoor method creates a single gateway for all external storage devices used by an organization. “It is the only solution of the purchase that protects the companies of the three levels of attack,” they say from the company.
Through a device with the size of the palm of hand, the USB input is controlled in all the equipment connected to the network. “Safe Door performs an analysis of electrical and hardware threats, and then, through a web interface, we navigate through the directories and files of the external memory, selecting the ones we want to analyze at the software level, in case they are not infected, we can download or store them on the device itself. ” The SafeDoor also performs another previous filter, without having to access the memory of the pendrive.
To complement this device, authUSB also developed a central console that collects and audits all the information of the Safe Door used by the organization: what files were treated, when, where and by whom, etc. “This supposes a source of information and audit that is fundamental in a company”.
Right now, authUSB is already producing your device. “It is having a very good reception and we already have several successful cases in industrial environments and public administrations.” In May 2018, they received the Security Forum award for the best security project carried out in Spain.