Security Market Segment LS
Saturday, 30 April 2016 14:03

66% of USB Flash Drives infected – don’t trust a stray Featured

By

USB Flash drives left around offices in government, education, enterprise or given away at trade shows are the easiest way for cyber criminals to gain backdoor access.

Security vendor Sophos tested USB keys purchased at a lost property auction and found 66% had malware or virus.

To complicate the matter, a new study from the University of Illinois has found that of nearly 300 abandoned flash drives ‘planted’ at the University campus, 48% inserted the drive and looked at the contents with a median time of 6.9 hours – the first was opened 6 minutes after being found.

A recent experiment by CompTIA littered four US cities – Chicago, Cleveland, San Francisco and Washington, D.C. – with 200 unbranded, rigged drives, leaving them in high-traffic, public locations to find out how many people would do something risky. About 20% of users plugged in the drives and proceeded to engage in several potentially risky behaviours: opening text files, clicking on unfamiliar web links, or sending messages to a listed email address.

And the recent Australian Cyber Security Centre (ASC) conference, 12-14 April in Canberra, imposed tight new regulations on USB usage, with presenters prohibited from bringing slides in on the devices. USBs were not able to be included in satchel bags nor handed out at booths, in the interest of cyber security.

So that is the bad news – no more stray USB drives, please.

Of those who did engage in risky USB insertions

  • 16% scanned the drive with their anti-virus software.
  • 8% believed that their operating system security features would protect them, e.g., ‘I trust my MacBook to be a good defence against viruses’
  • 8% sacrificed a personal computer or used university resources to protect their personal equipment.

There are a few things you can do to protect your computer from USB hijack.

  • Turn off ‘auto-play’ to prevent any executable files or batch files from launching
  • Format the device immediately on insertion – never open any files
  • Consider encryption for any files you put on the device
  • Use a reputable antivirus/malware program like Sophos that automatically checks USB drives

Sophos security expert Bruce Schneier asks which is more idiotic: plugging in a potentially malware-laced USB key, or designing them to be this dangerous?

“People get USB sticks all the time. The problem isn’t that people are idiots, that they should know that a USB stick found on the street is automatically bad and a USB stick given away at a trade show is automatically good. The problem is that the operating system trusts random USB sticks. The problem is that the OS will automatically run a program that can install malware from a USB stick. The problem is that it isn’t safe to plug a USB stick into a computer unless you are absolutely sure of its pedigree.”


Subscribe to ITWIRE UPDATE Newsletter here

GRAND OPENING OF THE ITWIRE SHOP

The much awaited iTWire Shop is now open to our readers.

Visit the iTWire Shop, a leading destination for stylish accessories, gear & gadgets, lifestyle products and everyday portable office essentials, drones, zoom lenses for smartphones, software and online training.

PLUS Big Brands include: Apple, Lenovo, LG, Samsung, Sennheiser and many more.

Products available for any country.

We hope you enjoy and find value in the much anticipated iTWire Shop.

ENTER THE SHOP NOW!

INTRODUCING ITWIRE TV

iTWire TV offers a unique value to the Tech Sector by providing a range of video interviews, news, views and reviews, and also provides the opportunity for vendors to promote your company and your marketing messages.

We work with you to develop the message and conduct the interview or product review in a safe and collaborative way. Unlike other Tech YouTube channels, we create a story around your message and post that on the homepage of ITWire, linking to your message.

In addition, your interview post message can be displayed in up to 7 different post displays on our the iTWire.com site to drive traffic and readers to your video content and downloads. This can be a significant Lead Generation opportunity for your business.

We also provide 3 videos in one recording/sitting if you require so that you have a series of videos to promote to your customers. Your sales team can add your emails to sales collateral and to the footer of their sales and marketing emails.

See the latest in Tech News, Views, Interviews, Reviews, Product Promos and Events. Plus funny videos from our readers and customers.

SEE WHAT'S ON ITWIRE TV NOW!

BACK TO HOME PAGE
Ray Shaw

joomla stats

Ray Shaw ray@im.com.au  has a passion for IT ever since building his first computer in 1980. He is a qualified journalist, hosted a consumer IT based radio program on ABC radio for 10 years, has developed world leading software for the events industry and is smart enough to no longer own a retail computer store!

Share News tips for the iTWire Journalists? Your tip will be anonymous

WEBINARS ONLINE & ON-DEMAND

GUEST ARTICLES

VENDOR NEWS

Guest Opinion

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News

Comments