Latest Blog Posts

Newsletter

For a Free Quote...

2 minutes reading time (386 words)

FIVE REASONS WHY BANNING USB DRIVES IS A GOOD SECURITY PRACTICE

IBM banning its employees from using removable storage devices, like USB sticks, received extensive media coverage, even though the US CERT warned against using USB drives in 2011.

Why are USB and other removal drives still relevant and why is it a good idea to not use them?


REMOVABLE DISKS ARE STILL USED BY ATTACKERS
While you'd think that using USB drives to infect machines is old-fashioned, new malware that infects machines via USB has has been discovered. In fact, only a month ago Cybereason researchers discovered Fauxpersky. This credstealer malware masquerades as Kaspersky antivirus to avoid being discovered by antivirus software. The infection method? Good ole USB drives:

PEOPLE ARE ALWAYS EAGER TO PLUG IN A USB DEVICE
A study has shown that almost 50 percent of people who find a USB flash device insert it into their computer without taking any precautions. According to the study, that percentage is higher than the one for people who'd click on a phishing link, making USB drives a highly efficient infection mechanism.

LOW OPERATIONAL COST
While still more expensive than spear phishing campaigns, the low cost of USB drives make them an attractive tool for running malicious campaigns.

PROVIDES HACKERS ACCESS TO NETWORK NOT CONNECTED TO THE INTERNET​
USB drives are an attractive infiltration method when targeting networks that are isolated from the Internet. According to some publications, this is how the CIA accessed North Korean networks.

ENABLES TARGETED ATTACKS
USB drivers are a common giveaways at conferences, enabling attackers to target a specific audience or industry. Attackers looking to gain access to a specific organization can spread USB drive in the company's facility, similar to the situation portrayed in this video.

CONSIDER BLOCKING YOUR LAPTOP'S USB PORTS
We've heard stories about attackers inserting USB sticks into open ports on an unattended computers at trade shows, in hotel rooms and at coffee shops.

A common scenario plays out like this: At a trade show, attackers visit the booth of the vendor they'd like to steal information from. While a sales representative is talking to a potential customer, another person quickly slips a USB stick into an open port on the representative's laptop. The malware stored on the USB stick then executes. To prevent this from happening, physically block your machine's USB ports. If you don't have a port blocker, duct tape works well as a quick prevention effort.


Network Performance Monitoring: The ABCs of Networ...
Keeping Your Clocks Accurate
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Friday, 16 November 2018

Captcha Image

Contact Us

Address:

Telnet Networks Inc.
100 Strowger Blvd, Suite 118, Brockville, ON, K6V 5J9, Canada

Phone:

(800) 561-4019

Fax:

613-498-0075

For More Information about Telnet Networks, our products, or our services, or to request a quote please feel free to contact us directly.

Latest Blog Posts

Latest Blog Posts (copy)