External data storage devices have been around almost as long as computers have existed. Magnetic tape and floppy disks, which were once the dominant media, are now mostly fond memories, while optical discs are mostly used in gaming consoles. For the past 20 years, the dominant player on the external storage scene has been the USB flash drive. No wonder: over the years, their storage capacity has increased, and their prices have dropped.
However, even though the humble flash drive has withstood the test of time – at least for now – it has been associated with a number of risks. In particular, because of its small form factor, portability, and ease of access, it can be used to smuggle data out of companies or to deliver a malware payload that could wreak havoc on systems.
Let’s look at the proper cybersecurity practices you should use when handling strange flash drives lying around that you may have stumbled upon.
Oh look, someone dropped a flash drive!
If there were one piece of advice we could give when it comes to stumbling upon a lost flash drive, it would be just to give it to the authorities or drop it off at the lost and found office or box. That would be the end of it, and you’d feel good about yourself.
However, good Samaritans haven’t died out just yet, and people are naturally curious creatures. To satisfy that curiosity, many will plug such a “found” flash drive into their devices to learn more. The stories aren’t just anecdotal; research has shown that people are prone to sticking unknown flash drives into their computers.
Unfortunately, cybercriminals often use a "lost" flash drive as a social engineering tactic, hoping that their targets will do just that. Since the person plugging the drive in has no idea what it contains, they might be opening Pandora’s box.
This could lead to various forms of malware making their way onto the device. Your computer could get locked up by ransomware, or a keylogger could record your every keystroke, allowing hackers to get hold of your access credentials to various accounts, ranging from social media to financial institutions.
If you’ve plugged an afflicted drive into your work computer, then it gets a lot worse – certain types of malware can propagate across a company’s whole infrastructure, infesting it. If you think that sounds far-fetched, then you need only to remember the infamous Stuxnet malware, which is thought to have spread with the help of malicious USB flash drives. And let’s not forget the BadUSB malware, which could have allowed black hats to gain complete control of a machine, spy on users, and even steal data.
What should I do?
If, even after considering all the risks, you decide to plug an unknown USB drive into your device, there are certain steps you can take to mitigate the risks of your device being infested.
To start, you should always keep your devices patched and updated to the latest versions of the operating system and software available. Using a reputable and up-to-date endpoint security solution is also advised since it can protect you from many of the risks posed by malicious USB sticks as well as other threats.
Whenever you plug an external device into one of your computer’s USB ports, it might start up via the Autorun feature. Disable Autorun so that your device won’t automatically open any USB drive – including ones that might contain malicious content. You should also use your endpoint security solution to run a scan on the drive; it should detect most threats and notify you if it finds anything suspicious. Furthermore, many security solutions detect USB device insertion and can be configured to scan any newly inserted device automatically.
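One way to check and enforce the Autorun advice above on Windows, shown as an added example that is not part of the original article: the script reads the NoDriveTypeAutoRun policy value, reports which drive types still allow Autorun, and, when run from an elevated prompt with the -Fix switch (a name chosen for this example), disables it for every drive type.

```powershell
# Added example: audit the Windows AutoRun policy and optionally harden it.
# -Fix is a switch name made up for this example; writing to HKLM needs admin rights.
param([switch]$Fix)

$policyPath = 'SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer'
$valueName  = 'NoDriveTypeAutoRun'

# NoDriveTypeAutoRun is a bitmask: a set bit disables AutoRun for that drive type.
$driveTypes = @(
    @{ Bit = 0x01; Name = 'Unknown type' },
    @{ Bit = 0x04; Name = 'Removable (USB flash drives)' },
    @{ Bit = 0x08; Name = 'Fixed disk' },
    @{ Bit = 0x10; Name = 'Network drive' },
    @{ Bit = 0x20; Name = 'CD-ROM' },
    @{ Bit = 0x40; Name = 'RAM disk' },
    @{ Bit = 0x80; Name = 'Unknown type (reserved)' }
)

function Get-AutoRunMask {
    # A machine-wide (HKLM) value takes precedence over the per-user (HKCU) one.
    foreach ($hive in 'HKLM:', 'HKCU:') {
        $item = Get-ItemProperty -Path "$hive\$policyPath" -Name $valueName -ErrorAction SilentlyContinue
        if ($null -ne $item) {
            return [pscustomobject]@{ Hive = $hive; Mask = [int]$item.$valueName }
        }
    }
    return $null
}

$current = Get-AutoRunMask
if ($null -eq $current) {
    Write-Output "$valueName is not set; the Windows default behaviour applies."
} else {
    Write-Output ('{0} = 0x{1:X2} (read from {2})' -f $valueName, $current.Mask, $current.Hive)
    foreach ($t in $driveTypes) {
        $state = if ($current.Mask -band $t.Bit) { 'disabled' } else { 'ENABLED' }
        Write-Output ('  {0,-30} AutoRun {1}' -f $t.Name, $state)
    }
}

if ($Fix) {
    # Create the policy key only if it is missing, so existing values are kept.
    if (-not (Test-Path "HKLM:\$policyPath")) {
        New-Item -Path "HKLM:\$policyPath" -Force | Out-Null
    }
    # 0xFF sets every bit, which disables AutoRun on all drive types.
    New-ItemProperty -Path "HKLM:\$policyPath" -Name $valueName -Value 0xFF -PropertyType DWord -Force | Out-Null
    Write-Output "$valueName set to 0xFF in HKLM: AutoRun disabled for all drive types."
}
```

Run it without -Fix first to see the current state; in a managed environment the same value is normally set through Group Policy rather than edited per machine.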
While these solutions may look simple at first glance, they can go a long way to protecting you against attacks and breaches originating from a potentially malicious flash drive. Handling strange flash drives is just one piece of the puzzle – to find out how to secure your own devices, stay tuned for our next article.