So this is just a question that popped into my mind the other day, sorry if it doesn’t fit the community.
At the local pharmacy I noticed two USB ports on the back of the monitors they were using and I was thinking I could’ve easily gotten a RAT in there if I was more smart and malicious.
Similar places were banks or shops, sometimes ethernet ports as well.
Realistically, how dangerous is this? Thanks for any answers.
It really depends on the device. USB exploits are generally located in the implementation details, and each vendor has their own implementation(s).
Ok but this is a local place people visit a lot so the device is easily identifiable. They could then possibly tailor their device to do something bad right?
Probably just as dangerous as physical access to the keyboard and mouse for HID attacks. Mitigation against this attack is possible by whitelisting ports and/or manufacturer and device IDs (however, device IDs can be spoofed to match).
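The port and device-ID allowlisting mentioned in the reply above, sketched as an added example that is not part of the original thread. Because IDs can be spoofed, it also compares each device's interface classes against what the allowlisted entry is expected to expose. The port paths, IDs and inventory are constructed sample data shaped like Linux sysfs attributes (`idVendor`, `idProduct`, `bInterfaceClass`).

```python
# Added example: audit attached USB devices against a per-port allowlist.
# All port paths, vendor/product IDs and inventory rows are constructed.
HID_CLASS = "03"  # USB bInterfaceClass value for Human Interface Devices

# port path -> {(idVendor, idProduct): interface classes that device may expose}
ALLOWLIST = {
    "1-1": {("aaaa", "0001"): {"03"}},  # approved keyboard (HID only)
    "1-2": {("bbbb", "0002"): {"08"}},  # approved storage stick (mass storage only)
}

INVENTORY = [
    {"port": "1-1", "vid": "AAAA", "pid": "0001", "classes": ["03"]},
    # Matches the approved storage ID but also presents a keyboard interface.
    {"port": "1-2", "vid": "bbbb", "pid": "0002", "classes": ["08", "03"]},
    # Approved keyboard ID, but plugged into a port nobody approved.
    {"port": "1-3", "vid": "aaaa", "pid": "0001", "classes": ["03"]},
]

def audit(devices, allowlist):
    """Return (port, reason) findings for devices that violate the policy."""
    findings = []
    for dev in devices:
        ident = (dev["vid"].lower(), dev["pid"].lower())
        allowed = allowlist.get(dev["port"])
        if allowed is None:
            findings.append((dev["port"], "port-not-allowlisted"))
            continue
        if ident not in allowed:
            findings.append((dev["port"], "device-id-not-allowed"))
            continue
        # ID match alone is weak evidence: check what the device actually exposes.
        extra = set(dev["classes"]) - allowed[ident]
        if HID_CLASS in extra:
            findings.append((dev["port"], "unexpected-hid-interface"))
        elif extra:
            findings.append((dev["port"], "unexpected-interface-class"))
    return findings

if __name__ == "__main__":
    for port, reason in audit(INVENTORY, ALLOWLIST):
        print(f"{port}: {reason}")
```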
An exposed USB port is a potential attack vector, but that could be mitigated in many ways. It could be through the OS via policies or other security measures, or it could be disconnected within the device itself, for example.
If it’s not an all-in-one PC, those USB ports on the back of the monitor aren’t likely to be connected to anything.
I’ve never used the monitor USB ports because they require another USB cable to go back to the PC so the monitor can act as a hub. So it’s not saving much clutter and isn’t easily accessible like a desktop USB hub.
Furthermore, if the IT department has any security, it will have USB completely disabled. My wife worked in HR for a regular consumer brand and even those laptops were so locked down that you couldn’t plug in a different mouse without IT approval. You couldn’t even boot to Linux to bypass because the BIOS was locked and the drive was Bitlockered.
Can a locked BIOS still be bypassed by shorting the CMOS battery or am I antiquated? It’s been forever since I needed to do that.
It depends on the system. Some enterprise systems have a BIOS which will survive a loss of battery power and don’t have a hardware reset process. Some Dell laptops were like this and you needed to contact Dell to do a BIOS reset. It’s been long enough that I have forgotten how that worked, but I’d assume it’s some sort of public/private key signing setup.
Worth considering that a pharmacy will have cameras all over, so anyone screwing with USBs on their computer will likely be easily caught. It’s a pretty high-risk act with comparatively low chance of reward.



