USB Implementers Forum (IF) has announced its type c security authentication program to fight malware.
The type c authentication program aims to reduce the risk of hackers exploiting USB ports to
install malicious software.
The program supports 128 bit cryptographic security and will introduce a standard protocol for
authenticating certified USB type-c chargers, cables and power sources as well as support for the authentication
of USB data bus or USB power delivery communication channels.
The new comes after Google confirmed
that Chrome OS will feature a ‘USBGuard’ option that will block USB port access to new USB
devices being plugged in while the Chrome OS device is locked.
Both of these security measures are
designed to prevent ‘rubber ducky’ attacks: keystroke injection tools disguised as generic flash drives that tell
the OS that they are a human interface device (like a keyboard).
Once inserted into a USB
socket,, ‘rubber ducky’ devices can inject pre-programmed keystroke commands and deliver malicious commands and malware to unsuspecting devices.