Security alert – infection by USB device
Let’s face it, as long as computers and devices are networked together, sharing important or private data, people will always try to hack them. One of the best ways to prevent or limit these security breaches is to educate yourself about them or turn to a trusted source that can help support your security needs. Did you know that there is a new threat that breaches computers through the USB port?
While USB threats aren’t anything new – USB thumb drives are well known to be used by some employees to copy and take important files with them when they leave the office – this latest threat is a little different. Hackers have developed a USB stick that can bypass Windows Autorun features and infect your system.
How do these drives work?
As you may have noticed, when you connect a device like an external hard drive to your computer via the USB port, Windows will not run, or open the drive. Instead, you will get a window with a number of options, including: Open folder to view files, Download pictures, Play files, etc. The reason for this is because hackers figured out a number of years ago how to put a virus on a USB stick, which when plugged into the computer, would be auto run (started up) by Windows and infect the system.
Hackers have recently figured out how to trick this feature. What they have done is create a flash drive that looks like a USB memory stick. Only, when you plug it into a computer, Windows thinks it’s a plug-and-play peripheral like a keyboard, and will allow it to run. There is memory on the stick, where hackers can write and store a virus or infection, which will then run, infecting the system.
There are four things to be aware of with these drives:
- They are cheap (ish) – These drives can be found on the Internet for less than USD$65, with some being as cheap as USD$40.
- They are fast – Some of these devices are able to run a script and infect a system in 50 seconds, and if they are re-mounted in the same system, could run a script within 30 seconds.
- They are multi system compatible – A few of these devices are advertised as being able to infect almost any system – Windows, Mac and Linux.
- They aren’t easy to find – yet. While there are websites online advertising these drives, most users won’t be able to find them. Experienced hackers on the other hand can do. Of course, anyone with enough patience can probably find them.
What does this mean for my company?
Because these devices are nearly indistinguishable from real memory drives, it is nearly impossible to spot and therefore stop them from infecting systems. Because these drives are currently hard to find and infection rates are generally low, many companies probably don’t have to worry too much. However, you can bet that these drives will probably become more popular in the near future.
This doesn’t mean that you don’t have to be aware of this risk and understand that these drives exist. Some companies have started to take action by disabling USB drives, monitoring what employees plug into their drives and even providing employees with tamper-proof USB drives.
One thing you might have to concern yourself with is if you allow employees to bring in their own drives. In general, if you take steps to ensure that the drives being used are legitimate and approved by the company, this shouldn’t be much of a problem. Of course, keeping your security systems and anti-virus scanners up to date and functioning is always a good idea.
If you would like to learn more about this security threat and what you can do to stop it, including how we can help minimize risks, please contact us today to see how our systems can help you.