It could also potentially enable the device to install software as a driver, which could further compromise the system for later remote access. If the user is an administrator, this increases the potential for a breach.
In theory, by using the computer's system credentials to install, access and replay credentials, one can gain quick access to a desktop to attempt to install software or access information based on the logged-on user's access level. Using this tool, someone can quickly gain access to a computer, using the computer's core credentials to unlock the system. Many computers have ports located for easy access up front and behind. Many businesses place computers in locations for employees to access, to assist customers, clients, and exposes the rear of the computer. This new attack goes a step further, and ultimately requires another dance between accessibility and security needs. Further, additional security is often applied to lock down access to "USB Drives" via the operating system. This is fine, but it also ignores the ports that are used. As part of PCI-DSS, it's strongly recommended to use USB Locks on unused USB Ports. In an article by Softpedia ( USB PnP Credential Replay Attack), security researcher Rob Fuller discovered a new attack vector no one had considered. Often times, that requires making concessions and the focus on common attack vectors by IT Security, may overlook the unexpected.
There's never a point when security implementations cause no headaches or complaints. In the world of always-accessible, always-on connectivity, security is a difficult balance between IT and end users' needs.
0 kommentar(er)
