USB Sticks Can Cause Cyber Security Breaches

USB Sticks Can Cause Cyber Security Breaches

Were you ever bringing in a USB Drive from home and then plugging it back into your work computer? This seemingly harmless action is a security concern for IT Administrators!

USB sticks that seem completely normal with no sign of containing anything malicious can actually be infected with malware. As soon as it is connected to a network, viruses and ransomware from the USB are spread and disrupt the operation of a business.

In an experiment conducted by CompTIA in 2015, nearly one in five people picked up USB drives found in public locations and plugged them into their devices.

Without the user ever realizing that their system has been hijacked, their system can be booby-trapped and take over keyboards. Such an infamous booby-trapped USB incident had occurred in 2010, when a Stuxnet worm – a widely understood American-Israeli malicious computer worm that targets control system architecture – was distributed via USB sticks to launch attacks in an Iranian nuclear facility.

So How Can Systems Be Protected From Malicious USB Drives?

1. Do not plug unknown USB sticks into computers

2. Do not use the same USB stick for home and work, so that it prevents cross-contaminating both computer systems

3. Secure USB drives by using security features such as fingerprint authentication, so that hackers or unwanted people may not have access to it

4. Keep software on your computer updated

5. Deploy a malware scanning kiosk where USB drives can be scanned before they can be connected to the corporate network

6. Use data sanitation to strip out embedded scripts in document files and perform file type verification based on the user’s role in the organization

7. To avoid direct plug-ins to a network and eliminate the risk of booby-trapped USBs altogether, have a USB security system in place that can securely transfer allowed files from a USB drive to a corporate portal, and from there, the user can download the files

USB drives can certainly be useful for the efficiency of an organization. It is a practical way of moving data between low-security networks such as home and high security networks at work, so it is important that organizations institute a USB security system to enable the safe and secure use of USB drives.

Credits:
cyware.com/news/understanding-the-threats-and-risk-of-usb-flash-drive-malware-024ef150/

opswat.com/blog/usb-security-three-ways-address-usb-risks

en.wikipedia.org/wiki/Stuxnet

Image Credit:
Image by Oliver Menyhart from Pixabay