We all use USB drives, handing them back and forth like digital business cards and plugging unfamiliar ones into our computer all the time. But did you know these drives often serve as prime sources of malware and viruses? It makes sense — when a jump drive or thumb drive is shared between so many different user and computers, its chances of being corrupted go up exponentially.
A recent study by security researches Karsten Nohl and Jakob Lell, which they presented at the Black Hat hacking conference in early August, brought up an even scarier point about USB insecurity: while many malware codes reside in the flash memory storage of these external, portable devices, the one Nohl and Lell created to test the security of such devices actually hides in the firmware that directs all basic functions. Meaning the corrupted code can’t be easily detected, deleted, or removed along with the files on the drive.
Unsurprisingly, antivirus and spyware programs have so far proven ineffective at stopping these kinds of deep-rooted malware attacks. Nohl and Lell’s virus was shown to be able to assume control over keyboards, issue commands to download and install malicious files, convert the USB stick into a network drive, and even corral and redirect Internet traffic from a computer’s browser.
Since firmware is so hard to scan and clean, many security researchers proposed a drastic threat-mitigation solution: stop using USB drives altogether. Although sales of the devices still account for more than $2.5 billion worldwide, in this cloud-driven age of Dropbox and Google Drive, it certainly seems possible.
USB insecurity isn’t a shocking new phenomenon, though. The NSA reportedly possesses modified USB cables that can infect computers and act as a wireless bridge for future surveillance efforts, and “Fake Flash Drives” are routinely manipulated to appear more full than they are before being sold to unsuspecting consumers. And it’s not just jump drives with the capacity for corruption; anything that connects via USB (keyboards, mice, printers, hard drives) can be commandeered by cyberattackers.
What can you do to protect yourself, your systems, and your business from potentially infected USB drives?
1. Just say no. USB device are certainly handy for transmitting large files and other mountains of data. But with cloud computing solutions coming into sharper focus each and every day, the necessity of USB drives may fade over time. Hopefully that will lessen the security threat.
2. If you do decide to use a USB drive, make sure it’s brand new and came straight out of the box. And remember — just because you get something for free doesn’t mean you have to use it.
3. If you must share a USB drive with a colleague, develop a protocol to assess it for viruses and malware. Many third-party apps and proactive monitoring and management solutions can scan USB drives for safety, although we recommend consulting an IT professional before choosing one. No matter what, whether you’re giving someone a jump drive to use, or receiving one in return, BE CAREFUL! It’s better to stick with the same jump drive from the time you take it out of the box until the day you put it out to pasture.
4. When in doubt, don’t risk it. Not sure whether an old USB drive is safe? Go out and splurge on a new one. The average price for a brand-new device with a whopping 64GB of storage? A mere $25.
There’s no telling how many USB devices have been infected by the methods outlined by Nohl and Lell. But now is as good a time as any to ditch any old USBs you might have accumulated, make the small investment to upgrade, and remember not to share them with your colleagues. Isn’t that better than losing your entire system to a malware attack, and then having to pay for a full recovery or even new computer, all because of one little corrupted USB key?
Contact us if you’re interested in learning more about how proactive monitoring and management can keep your systems safe — from corrupted USB keys and all the other threats of today’s IT landscape.