The Threat Posed by USB Storage Devices

Paul Mah

In an earlier post on whitelisting, I related the news that the U.S. Army has imposed a ban on USB flash drives, among other forms of portable media. Wired reports the ban on "USB sticks, flash media cards, CDs and other removable storage" was the result of security concerns and the proliferation of malware.

 

Indeed, I had a personal encounter with this type of malware just this week. One of the tasks for the day involved my students installing OpenOffice for the Linux environment. Due to the throttling imposed by the download site on the rather large 135MB package, I had each group pass me a flash drive in order to get a copy of the free office suite from me.

 

Guess what. Three out of five flash drives handed to me were infected with some form of malware. This was obvious by the autorun file within the drives, which is typically used to run applications automatically. In these three cases, an unprotected and typically configured computer would have executed the malware once the infected flash drive is plugged in. Fortunately, I had just installed antivirus software on my newly formatted laptop, which picked up the problem.

 

I'm not alone though -- my experience was corroborated by researchers at Symantec, who have observed an upswing in USB-based malware.

 

One obvious solution would be to disable the AutoRun functionality for removable media. Actual steps vary between operating systems, and I must add that Windows Vista has no straight-forward option box to disable the Autorun feature. The presence of antivirus or whitelisting software will obviously help, though another possibility suggested by Symantec officials is for businesses to set policies to stop USB storage devices from being used in the first place.


 

Moving forward, what lessons does the above news bear for the rest of us, especially SMBs? Rather than limit our thinking of the threat posed by USB devices to that of employees making off with company files, we need to open our mind to the threat posed by USB storage devices and be positioned to defend against this attack vector.



Add Comment      Leave a comment on this blog post
Nov 5, 2009 8:24 AM birendra singh birendra singh  says:

Nice update, I am willing to be regular reader of  your blogs.

I belong to hdd data recovery Solution In India , so I have big interest in Computer related updates, we deal to recover lost data from computer hard disk and all other storage medias.

Reply
Nov 16, 2009 5:30 AM john john  says:

USB is the best external storage media, because it has low chances for data corrupt.

Reply
Apr 16, 2011 8:12 AM Joan Meredith Joan Meredith  says:

This is a really annoying issue, I just came back from the university computer lab where I had to present a project so I brought my USB stick, and guess what, when I came back home and plugged it in, Norton Antivirus popped up with a warning "Trojan ... " was found in .Trash000 with a hidden exe file extension. This is so annoying, good thing I have a trustworthy antivirus.

Reply
Apr 17, 2011 4:41 AM Octavian Paler Octavian Paler  says:

I think this is a real problem, I just came back from the university computer lab where I had to present a project so I brought my USB stick, and when I came back home and plugged it in, Norton Antivirus popped up with a warning "Trojan something was found in .Trash000" with a hidden exe file extension. I think I'll have to switch to linux, I heard Debian or Ubuntu is a quite popular OS and none of them have trojans or viruses.

Reply

Post a comment

 

 

 

 


(Maximum characters: 1200). You have 1200 characters left.

 

null
null

 

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.