USB fans given to journalists at Trump-Kim meeting raise security concerns

12 Jun 2018625 Views

Share on FacebookTweet about this on TwitterShare on LinkedInShare on Google+Pin on PinterestShare on RedditEmail this to someone

Singapore financial district skyline. The city is playing host to the US and North Korean leaders. Image: beeboys/Shutterstock

Share on FacebookTweet about this on TwitterShare on LinkedInShare on Google+Pin on PinterestShare on RedditEmail this to someone

Security experts warn journalists of USB key malware risks.

The historic summit between US president Donald Trump and North Korean leader Kim Jong-Un has naturally been attracting a massive amount of media attention.

More than 3,000 journalists have been gathering at the meeting in Singapore, covering the major diplomatic developments as they unfold.

Press goody bag: Security risk or a way to keep cool?

Members of the press covering the event received a goody bag containing a local guidebook, a bottle of water and a handheld fan emblazoned with the North Korean leader’s face. Considering that temperatures hit 33 degrees Celsius, the fan would certainly be useful, but a second fan included in the bag has garnered some attention from infosec experts.

Though the mini USB fan in the bag would undoubtedly help journalists keep cool in the sweltering heat, the security community was swift to raise the red flag about the seemingly innocuous gadget.

A stark warning to Trump-Kim summit attendees

US security journalist Barton Gellman – who led coverage on the Snowden-NSA leaks a few years ago – tweeted: “Do not plug this in. Do not keep it.”

While there is no knowledge as of yet in terms of malware present on the fan, security experts have been warning journalists and the general public about the dangers of plugging unknown USBs into their computers. While the risk is not known in this instance, USBs can be used as a covert method of malware installation. Malicious code can be added to the firmware of a USB drive as opposed to its flash memory storage, making it much more difficult to detect.

USB keys have a history of security issues

In 2014, a Wired report cited the research of Karsten Nohl and Jakob Lell, who demonstrated a series of proof-of-concept malicious software, which can be installed on a USB device to completely overtake a PC, covertly altering files installed from the memory stick and potentially redirecting the user’s internet traffic.

Although the fan may just be a way to keep the heat at bay, considering the sensitive nature of the summit and the presence of a large amount of political journalists, erring on the side of caution is obviously preferred.

Singapore financial district skyline. Image: beeboys/Shutterstock

Ellen Tannam is a writer covering all manner of business and tech subjects

editorial@siliconrepublic.com