Foxrun offers the only comprehensive cybersecurity protection for USB Ports utilizing Hardware AND Software
Consultants often advise disabling USP Ports — Don’t do it — Here’s why:
- Disabling doesn’t mean safe. Disabling may only remove power and thus may not prevent devices from communicating when powered from an alternate source (not the host)
- Disabling ports can prevent security updates/patches (specialty/IoT/industrial equipment)
- Reenabling ports often requires local machine access and cannot be performed remotely
- All ports cannot be disabled. Connections for keyboards, mice, and other common peripherals can just be removed and used to infect systems and/or steal sensitive data
- Disabling ports prevents users from leveraging the elegant simplicity of plug and play (PnP) USB devices
Other advisers offer software only protection — That’s not enough — Here’s why:
- Run at the operating system (OS) level, and are highly vulnerable to hardware/firmware based threats
- Unable to protect many embedded and other devices running firmware, real-time operating systems (RTOS), and/or uncommon/proprietary operating systems (e.g., Industrial Automation equipment, IoT devices, etc.)
- Use hardware/firmware identifiers for whitelisting, which are easily cloned and/or are configurable
**Example: The enumeration/descriptor data from a whitelisted PnP USB device can be cloned using a microcontroller or embedded development board (e.g. Arduino). Then malicious embedded code can spoof the original device and carry out attacks after insertion into a “protected” host machine.