Watch where you're sticking that thing!

Courtesy of Dynamism.com

The use of USB memory sticks and other removable media has become a mainstay in today’s business world. With the increased popularity, prices for these devices have fallen to the point that they are given away at many conventions, and used in devices that are plugged into our computers every day. The combination of low prices and consumer ignorance has sparked a not so new trend of infecting these devices with viruses, Trojans, and other forms of malware to wreak havoc or gain access to sensitive data. I say “not so new”, because in the past other forms of removable media such as floppy disks and CD’s where subject to the same types of attacks. In this article you will learn the risks of using removable media in the work place as well as at home. Keep in mind we will focus on USB memory sticks, but many of these tactics can be used with external hard drives, CD’s and any other form of removable media.

I assume most readers have used a USB drive to move files from one PC to another, maybe to take some work home one night? So what is the worst case scenario you ask? Well, unless you own a nuclear reactor you don’t have to worry much about the Stuxnet worm that put Iran’s nuclear ambitions on hold for a few months; but if you want to know what can happen this is a good example. Why would I bring up such an elaborate plot as an example for a small business? This is why; many of you have spent thousands of dollars on a quality firewall, anti-virus and anti-malware software, as well as spam filtering and employee education. Well, all of this can go down the tubes because of a USB thumb drive that your employee found in the parking lot lying next to their car. Sometimes what seems like an elaborate scheme is the simplest, a five dollar thumb drive from Wal-Mart, a free download off the web, toss a few of these USB memory sticks into the parking lot of a few competitors and you have lost all your client data. Why pick the lock on the front door when you can go through the open window? Not a likely scenario? Do a quick Google search and you will see how often it happens.

Don’t think your employees would put a memory stick they found in the parking lot into their work PC? Give me a call and we can test out that theory. Lucky for the bad guys they don’t even have to spend the five dollars on a memory stick. How many of you or your employees have opened an email that was infected with a virus don’t lie. I likely removed it! Yeah I’m talking to you! Lucky for you those viruses were just there to make your day miserable. If you are truly unlucky, you will get a virus that will not pop-up anything on your screen, but just wait for you to insert any type of removable media and then copy its self onto that media. Next it will wait to be inserted into another PC and copy its self to that PC. Now you are in the same situation as the previous example. You don’t have to be computer illiterate or uninformed to fall for this one.

What happens after that? Well if you are lucky you just have your run of the mill virus infection that tries to swindle you out of 50 bucks for the “full version” of the fake anti-virus program you were just infected with. Though you could still be out several hundred dollars in repairs, the more likely reason for using USB media for infection is to gain access to your data. Some malicious code is more difficult than others to transfer via email. Sky’s the limit with a USB drive, plenty of space, no spam filtering to catch onto what is happening, we can bypass that fancy firewall and get a more targeted attack rather than the spray and pray method. Don’t think your competitors would do that? I hope not, but they are not the only ones that can make use of your client data. There are plenty of people out there who would love to buy a list of people they know for a fact spend money on X business. And if you think there is a market for that, they will be climbing the walls to purchase your customers credit card information.

Are you trying to scare the crap out of us!? Of course I am! No one thinks about these things until it happens to them. Rarely does anyone call me and ask for a firewall, or to tell me their antivirus is out of date, their backups haven’t ran in months etc…etc…etc, until something bad happens. Number one method to keep this from happening to you is to be PROACTIVE. Call us for a security assessment; let us check your firewall and anti-virus program, tell us how you conduct business and what your concerns are. Most would consider a yearly security assessment inexpensive, anyone that has had to pay to clean up the aftermath of the above event would consider it necessary.

What can I do myself? I have to use my memory stick every day! Calm down, I wouldn’t deprive you of your precious files! We can thank Mindi McDowell from us-cert.gov for the following tips on protecting your computers and nuclear reactors from attack.

• Take advantage of security features – Use passwords and encryption on your USB drive to protect your data, and make sure that you have the information backed up in case your drive is lost.
• Keep personal and business USB drives separate – Do not use personal USB drives on computers owned by your organization, and do not plug USB drives containing corporate information into your personal computer.
• Use and maintain security software, and keep all software up to date – Use a firewall, anti-virus software, and anti-spyware software to make your computer less vulnerable to attacks, and make sure to keep the virus definitions up-to-date. Also, keep the software on your computer up to date by applying any necessary patches.
• Do not plug an unknown USB drive into your computer – If you find a USB drive, give it to the appropriate authorities (a location’s security personnel, your organization’s IT department, etc.). Do not plug it into your computer to view the contents or to try to identify the owner.
• Disable Autorun – The Autorun feature causes removable media such as CDs, DVDs, and USB drives to open automatically when they are inserted into a drive. By disabling Autorun, you can prevent malicious code on an infected USB drive from opening automatically. In How to disable the Autorun functionality in Windows, Microsoft has provided a wizard to disable Autorun. In the “More Information” section, look for the MicrosoftFix it icon under the heading “How to disable or enable all Autorun features in Windows 7 and other operating systems.”

Help! I am unsecure and I think someone is stealing pictures of my cat Peaches, how can we reach you? If you would like to schedule a free technology evaluation for your company, an in depth security assessment or anything in-between, just give us a call and ask for the technician who encrypts all pictures of his cat.