Leave that USB Drive Where You Found It

Introduction

You come across a thumb drive, or USB drive that you don’t recognize. Maybe you found it in the parking lot or by the copier in the office. You  want to plug it in to identify where to return it. Don’t do it.

Before you take such a risk—remember Stuxnet. How do you think this “impenetrable” Iranian nuclear facility got hit? It’s believed that employees plugged infected USB drives into their computers that were planted in the facility’s parking lot.

From there the virus infected the computers controlling the centrifuges, causing them to spin too fast and become damaged. The attackers couldn’t get in directly, as the computers were on a disconnected network.

Risk Of Thumb Drive Attacks

Now, you might be thinking, “but I’m not an Iranian nuclear facility.” But that doesn’t prevent cybercriminals from wanting to access your network and systems. USB drives are one more way that bad actors can do so. In fact, one study found that 60 percent of people were likely to connect random thumb drives found near their building. If the business logo was on the drive, the number went up to 90 percent.

Even with cloud computing, we still see these small, portable drives used universally. They are compact and convenient. That also makes them an attractive target for bad actors.

Hackers pre-program USBs to act maliciously once connected to the network—and you won’t even know that you’re being infected—untio9l it’s too late. If successful, hackers can:

  • Steal data
  • Gain access user keyboards
  • Monitor screens
  • Encrypt files and ransom data
  • Spread infections throughout the network

How To Avoid USB Drive Attacks

Below are seven things you can do to keep your business safe from infected USB drives:

  1. Don’t insert unknown flash drives. Hackers will try to take advantage of human curiosity or their desire to help.
  2. Use different flash drives for personal and professional computers. This helps cut the chances that you’ll spread an infection from one to the other.
  3. Enable security measures on USB drives, such as fingerprint authentication.
  4. Keep computer software and hardware up to date.
  5. Ensure malware and anti-virus protections are current.
  6. Patch regularly.
  7. Windows users should disable the Autorun function to prevent the automatic opening of removable media upon insertion.

We’re here to help. Call us at (845) 362-9675or email us to contact our experts if you suspect a security threat or want to update your security posture.

XSolutions is an IT Services Provider serving New York (NY), New Jersey (NJ), and Connecticut (CT). We provide Managed IT Services | Managed IT Security | Backup & Disaster Recovery| Cloud Data Protection | Security Awareness Training. Call (845) 362-9675 for a free consultation.