How to shut down a plant remotely in 3 seconds.

3…2…1… and boom!

USBKill Remote Trigger

In my hand, I have a remote trigger that can fry the motherboard of any workstation, laptop, server, router, switch, monitor, IP phone, cell phone, firewall, etc. from up to 100 meters away. We can also schedule a date and time when the USBKill will trigger. It comes with all kinds of adapters to connect to other non-USB devices such as RJ-45, VGA, HDMI, serial port, USB-C, male, and female. To achieve its objective, the USB killer repeatedly supplies a voltage surge (210–220 volts) to the connected device and eventually toasts the internal motherboard and circuits. During our pen test, we demonstrate and highlight the importance of physical security.

Can you detect a USB killer device?

Unfortunately, you cannot distinguish a USB drive from a USB killer just by looking at it. You have to open the case of a USB drive to make that determination. A typical USB killer has several capacitors to store power from a USB port. If you want to assess whether a USB drive is a USB killer or not without opening its case, you will require a USB killer detector. However, a USB drive you just found in your parking garage could have been left there strategically to carry out a USB drop attack. So, it is unsafe to plug in an unknown USB drive into your computer, even if a USB killer detector rules out the possibility of it being harmful.

How to protect against a USB killer attack?

Unfortunately, there is not much you can do to prevent a USB killer attack. Disabling USB ports at the operating system level or using device control software cannot protect your device from the electrical surge delivered by the USB killer. Glue-shotting the USB ports, if possible, may be a temporary solution but it is not ideal. Additionally, there are many devices such as firewalls, switches, and routers that use RG-45 and are susceptible to this type of attack. Employee vigilance, physical security measures, access restrictions, and security awareness training could help companies minimize the risk for these types of attacks.

Featured articles

OTIFYD and MAD20 (MITRE ATT&CK DEFENDER 2.0) Join Forces to Close Cybersecurity Skill Gaps in the Middle East

21 March 2024

NanoLock Security and OTIFYD Partner to Provide World’s Leading Industrial Cyber Protection to European Companies

11 December 2023

Beyond Compliance: Will Cybersecurity Regulations Keep Up with the Evolution of Threats?

29 November 2023

How to shut down a plant remotely in 3 seconds.

Can you detect a USB killer device?

How to protect against a USB killer attack?

Featured articles

Premium online guides

Related articles

NanoLock Security and OTIFYD Partner to Provide World’s Leading Industrial Cyber Protection to European Companies

Beyond Compliance: Will Cybersecurity Regulations Keep Up with the Evolution of Threats?

10 Things You Should Do After a Ransomware Attack : Step by Step Guide 2023

Hacking Controller Area Network (CAN Bus)

Cascading Supply Chain Attack

OTIFYD and Waterfall Security Partner to Secure OT Networks

Managing Negative PR Implications After a Cyberattack on Critical Infrastructure: Guidelines for Effective Crisis Response

Breaking the Illusion: How some CEOs’ Perceptions of Hacking Differ from Reality

Why IT Security Companies are Not the Best Choice for Securing Operational Technology

If I’m Going To Get Hacked Anyway, Why Bother Spending Money On Cyber Security?

OT Attack Surface Management

5 Common Mistakes IT Staff Make Inside an OT Environment

UK Head Quarters

+44 (0)207 030 4005

[email protected]

International House, 64 Nile Street, N1 7SR

DACH Head Office

+49 89 255 575 586

[email protected]

Südliche Münchner Str. 62, 82031 Grünwald

Middle East Head Office

+971 (04) 800 4377

+966 800 850 1566

[email protected]

Dubai Media City, BLDG 5, VD - G00 - 192