Get Started Today!  (954) 834-2800

croom new

KB Technologies Blog

KB Technologies has been serving the Deerfield Beach area since 2002, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

The Hacker’s Rubber Ducky Should Frighten You

The Hacker’s Rubber Ducky Should Frighten You

When you think of the rubber ducky, what memories flood your mind? The rubber ducky might be reminiscent of simpler times, but a new threat that is capable of launching malware payloads via USB stands to ruin these fond memories forever.

What is the Rubber Ducky Threat?

The rubber ducky is a device that is, on the surface, no different from a regular flash drive used to transfer files. You’re likely no stranger to them. While the cloud makes this technology somewhat obsolete, the USB flash drive industry (a $7+ billion industry, by the way) is still going strong, seeing a 7% growth year after year. Suffice it to say that there are plenty of USB drives still circulating.

Of course, the rubber ducky is more than just your typical flash drive, even if it looks just like one. When you plug it into a computer, it is recognized not as file storage, but as a device like a USB keyboard. This means that any attempts to stop it from transmitting data are bypassed. Once the device is plugged in, it’s game over. Any keystroke made while the device is open is trusted, meaning that hackers have several different options available to them.

What Kind of Threat is Today’s Rubber Ducky?

Any device which uses a USB dongle must be scrutinized if you want to preserve network security, and rubber ducky is no different. Specifically, this hardware is designed to overcome the challenges faced by previous iterations of the hardware. This device uses what’s called “DuckyScript” to issue demands to the target machine. Previous iterations were limited to writing keystroke sequences, but DuckyScript is much more powerful, allowing attackers to store variables, write functions, and use logic to attack their victims.

Rubber ducky can also determine which operating system the user is running, deploying code to strike at the specified operating system. Furthermore, it can keep its automated executions under wraps by placing delays in-between keystrokes. This convinces the computer that the user is indeed human. Perhaps the most dangerous feature of rubber ducky is its capacity to steal data by encoding it in binary, giving the attacker the ability to steal it.

How Do You Protect Yourself?

The best protection from any USB dongle attacks is to ensure that potentially harmful drives are kept off of your infrastructure in the first place. Make sure that your team knows not to trust random drives they might find lying around, whether in the office or out in the world. If there is any shadow of a doubt concerning a device, it should be reported to IT.

If you don't have an internal IT department, however, we’d be happy to help you keep your infrastructure safe! All you have to do is contact us at (954) 834-2800 to learn more.

Tired Of Annoying Computer Problems That Keep Coming Back?

Which Search Engine Works Best? Part 1
No Matter How Strong Your Computer is, Magnets Are...
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Guest
Thursday, November 07 2024

Captcha Image

Reach Out Today!

First Name *
Last Name
Email *
Company Name
Phone *
Comments

Mobile? Grab this Article!

QR-Code dieser Seite

Latest Blog

We’re all hooked on our devices. You likely wouldn’t think about driving an hour each way to retrieve your smartphone if you left it at home and would otherwise be without it for a couple of days. It’s not even an option to go that long without access to your phone nowadays....

Latest News

KB Technologies Managed IT is proud to announce the launch of our new website at http://www.kb-it.com. The goal of the new website is to make it easier for our existing clients to submit and manage support requests, and provide more information about our services for ...