Checking USBs for Harmful Firmware

You may not be aware of this, but your USB peripherals might be making your computer susceptible to hacking. Information security firm Eclypsium recently reported that the majority of Windows and Linux-based USB ports use ‘unsigned’ firmware that leaves room for all types of attacks.

In case you’re wondering, ‘unsigned’ firmware is firmware that doesn’t use a validation key or ‘signature’. Without one, a device has no way to verify that drivers and updates really come from the manufacturer, so it can accidentally download and set up fake drivers with malicious code embedded inside them.

To date, hackers have managed to exploit unsigned firmware on USB mice, laptop trackpads and routers. But graphics cards and hard drives can also be included in the list of vulnerable items.

These issues can’t be resolved unless the firmware’s manufacturer rolls out new and ‘signed’ firmware. Eclypsium’s report says that some hard drive manufacturers have updated their HDDs and SSDs but many other devices remain at risk.

In instances where devices have available updates, users have to download and install them themselves. Updating a wireless mouse isn’t as easy as updating a smartphone.

Reports by Eclypsium et al. make it clear that we need to be careful about using unsigned firmware and drivers. You may not be able to update all of them, but you can still check which ones have a high risk of installing fake drivers. Here’s how:

  • Open the Windows Start menu
  • Type and run ‘Device Manager’
  • Right-click a device and select ‘Properties’
  • Go to the ‘Driver’ tab. You might see a ‘Digital Signer’ listed. If it shows nothing or is listed as ‘unknown’, it means the firmware is unsigned
  • Click on ‘Driver details’. Signed drivers will have a certificate icon beside them
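The Device Manager check above covers one device at a time. As an added example (not part of the original article), the following PowerShell sketch runs the same check across every device by querying the standard Windows CIM class Win32_PnPSignedDriver; the function name and the CSV file name are assumptions chosen for illustration.

```powershell
# Added example: list every PnP device whose driver reports no digital signer,
# mirroring the 'Digital Signer' field on the Device Manager 'Driver' tab.
# Get-UnsignedDeviceDriver is a hypothetical helper name, not a built-in cmdlet.

function Get-UnsignedDeviceDriver {
    [CmdletBinding()]
    param(
        # Optional filter on device class, e.g. 'USB', 'MOUSE', 'HIDCLASS'
        [string[]]$DeviceClass
    )

    # One record per installed PnP driver; drop records with no device name
    $drivers = Get-CimInstance -ClassName Win32_PnPSignedDriver |
        Where-Object { $_.DeviceName }

    if ($DeviceClass) {
        # -in is case-insensitive, so 'usb' and 'USB' both match
        $drivers = $drivers | Where-Object { $_.DeviceClass -in $DeviceClass }
    }

    # Flag entries that are not signed or that have an empty signer name
    $drivers |
        Where-Object { -not $_.IsSigned -or [string]::IsNullOrWhiteSpace($_.Signer) } |
        Select-Object DeviceName, DeviceClass, Manufacturer, DriverProviderName,
                      DriverVersion, InfName, IsSigned, Signer |
        Sort-Object DeviceClass, DeviceName
}

$unsigned = @(Get-UnsignedDeviceDriver)

if ($unsigned.Count -eq 0) {
    Write-Output 'Every enumerated device driver reports a digital signer.'
} else {
    $unsigned | Format-Table -AutoSize -Wrap
    # Keep a copy to compare after updating drivers (file name is arbitrary)
    $unsigned | Export-Csv -Path .\unsigned-drivers.csv -NoTypeInformation
}
```

Like the Device Manager view, this reports the signer of the driver Windows installed for each device; it does not read firmware from the device itself. Pass `-DeviceClass USB,MOUSE,HIDCLASS` to the function to narrow the list to USB peripherals.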

Linux users can also check their firmware’s authenticity status but the exact steps vary between Linux distros.

Do look up any software updates for devices using unsigned firmware or drivers. Even the most updated firmware can be unsigned, so make sure the device drivers are properly updated. You can use the operating system’s built-in driver update tool or a first-party update tool, or download and install updates directly from the manufacturer’s website.
