This week, learn how to protect yourself and your computer from USB drive attacks! For this One-Minute Wednesday, Waleed Afzal will be talking about a common attack vector for malware: malicious users leaving infected USB drives in public places, waiting for someone to pick them up and plug them in. Don’t miss out on learning how this works and how to avoid it!
Malicious USB Drives
Many of us have found USB flash drives lying around in public places. But what many people don’t know is that these “lost” USB drives could be a part of a malware attack. This type of attack has been around for a while, and the risks have not changed with time: about a decade ago, a group of security testers dropped 20 USB devices around the parking lot of a credit union. They found that fifteen credit union employees picked up a USB device and eventually plugged it into a computer, unwittingly running a program that communicated with an external server.
Some best practices:
First, you should never connect an unverified USB device to your computer. If you don’t know where it came from, there’s a good chance that a malicious user has loaded malware onto the drive, hoping someone will plug it in and allow it to infect or take over the computer. This follows similar logic as best practices for email security: you wouldn’t open an email attachment from an unknown or suspicious sender, and you should treat “lost” USB drives or other removable devices the same way.
Second, you should avoid leaving personal USB drives lying around in public places, as they can easily be stolen, compromised, and then returned to you. A trusted personal device can quickly become an attack vector—competent hackers only need a few minutes with a device to load it with malware.
Finally, if you see a file on your USB drive that you don’t recognize, avoid clicking on it. Malware is frequently disguised as known file types, like PDFs or Word documents, but once you open them they will run a script or executable program instead. The best course of action here is to immediately delete any unrecognized files, or at the very least spend some time virus scanning them before opening.
Stay safe out there, and don’t forget to think before you click!