USB storage devices are convenient, popular and often free. Unfortunatly, there is a downside to their popularity. The US-CERT (Computer Emergency Response Team) recently issued a warning that malicious code and viruses are spreading rapidly via USB flash drive devices.
"The bad guys are intentionally developing new flavors of malware designed to propagate through USB devices," said Gunter Ollmann, chief security strategist for IBM's ISS security division.
Why are USB storage devices so popular?
USB storage devices are handy and small making them easy to slip into a pocket or carry on a lanyard around your neck. Because of their physical size and ability to store large amounts of data, they have become mainstream consumer storage devices. They are light weight, very portable and they are compatible with most PCs equipped with a USB port . They also have fast transfer rates (1Mb/sec) with no moving parts and they don't require a separate power source or batteries. You can move large files to a seperate location and access the data without worrying about compatibility. Employees can take work home with them, or travel with just their data instead of a laptop.
How can a USB Storage device be a security threat?
Malicous Software
USB thumb drives can be used to spread viruses and other malicious software. An infected computer can spread a virus to a clean USB thumb drive that is inserted. That USB drive can then spread the virus onto other computers if the operating system on those machines has an AutoRun-type feature enabled. The AutoRun function in Windows launches installers and other programs automatically when a flash drive or CD is inserted. Users can either bring in infected documents from home, or take home a business document to an infected PC, update it, and return it to a corporate file server. During a recent US conference, it was found that about 500 of the 1,000 attendees ended up with infected USB drives. They had brought their presentations on the USB drives, and the group hosting the conference had a system that was used to keep copies of the presentations. Either the system arrived infected or was infected by someone early on in the process, and anyone who stuck a USB drive in the system got a "present" on their drive. The malware was set up to autorun, so the attendees more than likely infected their systems when they got back to their office or home (or both).
Data Loss
Another downside to using USB storage devices is the potential for sensitive data to fall into the wrong hands. Most of these devices have little or no security features and if you happen to lose one, anyone who picks up the device may be able to access data on it. Vendors have begun responding to this problem by manufacturing Flash Drives with built in security features.
How to avoid spreading Malicous Software on USB storage devices
- Consider disabling any AutoRun features and manually launch programs when using a flash drive. Be aware that a virus can also be embedded in what looks like a normal file on a USB device, so that even if AutoRun is disabled, the computer will become infected when the file is opened.
- Use an antivirus tool to scan your USB devices before opening any files from them and be cautious with files on devices even if they come from trusted sources. You should configure the software to scan all attached drives and removable media, and get all users into the habit of scanning files before opening them.
- Disable the USB ports or use a 3rd party tool such as SecureNT. When disabling USB ports, you'll need to make sure any peripherals in use (such as keyboards, mice, PDAs, and scanners) use legacy ports instead of USB ports.
- Try to make sure you use devices with security features when accessing potentially sensitive data.
Check out this link for software that you may find useful.
|
Home
