Chrome OS: Protect Against Bad USB

G5 Cyber Security

1 month ago

TL;DR

Bad USB attacks use reprogrammed USB devices to act like keyboards and inject malicious commands into your computer. Chrome OS is fairly resilient, but not immune. This guide shows you how to reduce the risk.

Understanding the Threat

A Bad USB attack involves taking a standard USB device (like a flash drive or keyboard) and reprogramming its firmware to behave as a different type of device – typically a keyboard. When plugged in, it can send keystrokes automatically, potentially installing malware, stealing data, or altering system settings.

Steps to Protect Your Chrome OS Device

Keep your Chrome OS updated: This is the most important step! Updates include security patches that address vulnerabilities.

Go to Settings > About Chrome OS.
Click Check for updates. Install any available updates immediately.

Enable Verified Boot: This ensures that only the official Chrome OS software loads on your device.

Chrome OS enables verified boot by default, but it’s worth checking.
Go to Settings > Advanced > System > Verified Boot. Ensure it is turned on.

Limit USB Device Access: Reduce the risk by only connecting trusted USB devices.

Avoid using public computers or unknown USB drives.
Be cautious about accepting USB drives from people you don’t know.

Use a Firewall (if applicable): While Chrome OS has built-in security features, a firewall can add an extra layer of protection.

Chrome OS doesn’t have a traditional firewall like Windows or macOS. However, you can use Crostini (Linux container) to install one if needed.
If using Crostini: Open the Terminal app and run
```
sudo apt update && sudo apt install ufw
```
. Then enable it with
```
sudo ufw enable
```
.

Be Aware of Physical Security: Prevent unauthorized access to your device.

Lock your Chromebook when you’re away from it.
Use a strong password or PIN.

Monitor for Unusual Activity: Keep an eye out for anything suspicious.

Check the Chrome OS task manager (Shift+Esc) for unfamiliar processes.
Look for unexpected changes in your settings or extensions.

Consider a USB Security Key: For enhanced security, use a hardware security key like YubiKey.

These keys require physical presence to authorize access and can prevent Bad USB attacks from injecting keystrokes.

What if you suspect an attack?

Disconnect the USB device immediately: This will stop the malicious commands from being sent.
Powerwash your Chromebook: This resets Chrome OS to its factory settings, removing any malware.
- Go to Settings > Advanced > Reset settings > Powerwash.
- Follow the on-screen instructions. Warning: This will erase all local data! Back up important files before proceeding.

Resources

Google Chrome OS Security: https://support.google.com/chromeos/answer/1240385?hl=en