/* ]]> */
Aug 012014
Our computers these days have many USB devices connected to them.

Our computers these days have many USB devices connected to them.

As preppers, we anticipate, plan, and prepare for a strategic failure in some part of our national critical infrastructure, no matter what the cause or what the specific failure may be.

Some risks are obvious.  But as prudent preppers, we also look to find and consider all risks, including those thought to be remote and unlikely.  Some risks are subtle and generally little considered, even though they could potentially be devastating in their consequences, and possibly might also be frighteningly possible.

An example of a risk category that few people fully consider is some type of cyber attack on our nation.  We’ve written about varying aspects of this in the past, most recently a mere week ago when we explain why the concept of a cyber-attack is so appealing to terrorists and others who wish us harm.

We don’t exaggerate when we say that almost everything in our lives is computerized these days, and the little bits that aren’t yet controlled by computers are quickly adding computerization and internet connectivity too.  While there are indeed benefits in having our kitchen appliances and our home heating/cooling all connected to the internet, there are also increased vulnerabilities.

The problem about anticipating and defending against a cyber-attack is that doing so requires a skill a bit like driving down the freeway at high speed, while only looking in the rear-view mirror.  On the freeway, the rear vision mirror will keep us in our lane, but only until the freeway curves ahead, and it won’t warn us if we’re closing in on the car in front.  With cyber attacks, we only know what our enemies have done in the past, we don’t know what they might think of next in the future.  Unfortunately, within even the simplest parts of any computer system lurk all sorts of unexpected vulnerabilities, sometimes overlooked due to the simplistic and ‘safe’ nature of the components.  It is impossible to be certain that we have identified – and solved – all possible computer vulnerabilities (even though some ‘experts’ claim they have done so).

For example, think of one of the wonderful enhancements to computer peripherals these days – USB connections and their ‘plug and play’ automatic connection between the thing we plug in and the thing it is plugged into.  A decade or more ago, this seldom worked as it should, and it was often referred to as ‘plug and pray’.  Nowadays the ‘intelligence’ within USB devices has been greatly improved and they are better able to correctly identify themselves and install the necessary drivers automatically onto the host device which they’ve been plugged into.

Unfortunately, as the ‘intelligence’ of USB devices has increased, so too has the ability to exploit that intelligence and re-task it for nefarious purposes.  A hacker could build a virus into the USB device’s ‘firmware’, and so when the device connects to your computer, it automatically loads itself onto the computer without triggering any of the typical anti-virus warnings.

Keep in mind that this type of attack could come not just from USB memory sticks and thumb drives.  We’ve known for some time about the ability of USB drives to come with a virus pre-loaded on them, and also of course, for a virus to copy itself onto a solid state USB drive, the same way as it could onto any other drive.  But this new risk is very different, because it doesn’t come from a USB’s available data storage.  It is hidden in the USB’s internal memory and drivers.  It could come from any USB device at all.  A mouse.  A keyboard.  A printer.  Look at all the USB devices you connect to your computer these days, and appreciate that all of them could be sources of infection.

Who would have thought you could get a disabling computer virus from your mouse or keyboard or webcam or whatever?

The problem is even worse.  Once on your computer, the hacker’s code can then copy itself onto any other USB devices it finds, and of course can totally take over your computer and do whatever it chooses with it.

The problem is even worse than this.  You might think ‘Okay, so I’ll only use USB devices I buy brand new in sealed boxes, and I’ll never share them with anyone else’s computers’.  But – who is to say that the company making the USB devices hasn’t been compromised – either deliberately or unknowingly?  Remember that much of the computer attacks that are directed at the US come from China, then look around your computer gear and see how much of that comes from China.  Ponder the implications of that, and you’ll quickly realize why the government is increasingly concerned about allowing Chinese computer hardware into sensitive installations (and also, to be fair, why foreign governments are increasingly anxious about allowing US hardware into their sensitive operations too!).  Even brand new untouched computer gear might be infected with pre-loaded malware.

This article explains the vulnerability and how there is no defense against it currently, saying

Most of us learned long ago not to run executable files from sketchy USB sticks. But old-fashioned USB hygiene can’t stop this newer flavor of infection: Even if users are aware of the potential for attacks, ensuring that their USB’s firmware hasn’t been tampered with is nearly impossible. The devices don’t have a restriction known as “code-signing,” a countermeasure that would make sure any new code added to the device has the unforgeable cryptographic signature of its manufacturer. There’s not even any trusted USB firmware to compare the code against.

We know, via Edward Snowden, that the NSA had some type of way of accessing computers through some type of USB exploit; it is likely that they may use some of these now publicly discovered vulnerabilities.  If the NSA is doing this, if Edward Snowden has disclosed that, and if there is now public discussion of USB vulnerabilities, how many hackers are also doing the same thing?

Unfortunately, at present, there is no known solution to this problem.  Your computer and your USB devices might already be infected.

A deliberate hacker attack could take the form of stealthily infecting as many computers as possible, and then having them all simultaneously fail on some future date.

Would that destroy our society and bring about the type of Level 2 or 3 scenario we plan and prepare for?  We’re not sure, but for sure the very best case scenario would be a massive economic and supply disruption that would see many services totally fail and much of the physical distribution of food and supplies also interfered with.  If computer based programs can no longer be used to manage agricultural processes, to plot demand and to schedule harvesting and processing, and to interface between the different companies in a complex supply chain, how will food efficiently make it from the field to the shelves of your local supermarket?

Without computers, what will happen to the banking system?  If your job involves using a computer, how will you and all your colleagues, customers and suppliers do your/their jobs?  If your company fails, what will happen to your job and your income?

The big unknowns are the nature and extent of a social collapse due to a failure of the nation’s computer resources.  We fear it might be worse than we hope, and so we plan accordingly.

We suggest you carefully read the article that explains the USB vulnerability and its implications, particularly the part that concludes

That means you can’t trust your computer anymore. This is a threat on a layer that’s invisible. It’s a terrible kind of paranoia.

Implications for Preppers

There’s not a lot of special things you can do to prepare for a broad attack on all our computers.  Your computers and USB peripherals might already be infected, and there’s nothing you can do about it.

All you can do is ensure that your retreat and your lifestyle can continue without any computerization, and keep your prepping at a necessary level in anticipation of a possible future Level 2/3 situation, no matter what the cause.

One thing in particular is to print out hard copies of as much of the electronic reference material you might have accumulated.  If your computers fail, you don’t want to have all your prepping knowledge resources destroyed.


David Spero[suffusion-the-author display='description']

Leave a Reply

/* ]]> */