No amount of precautions and security measures for a network will equal the vulnerability created by a small USB device. You can see all the pain you have taken to make your network secure, crumble in a matter of seconds, due to an issue caused by a USB drive. USB drives are small, handy and convenient but one can’t imagine how notorious they are.
Few instances here will tell you how dangerous can a small USB drive be:
- According to research from Avast, roughly one in eight of the 700,000-plus malware incidents it identified in 2010 were due to tainted USB devices.
- Security consulting and research firm the Ponemon Institute, found that more than 800,000 data-sensitive devices, including USB drives, portable hard drives and laptops, were compromised in 2009.
- The top two virus threats reported by BitDefender, are actually spread through USB drives.
- According to research by Panda Security, a whopping 25 percent of malware today is developed to spread through USB devices.
- Recently, an assistant professor and his student at George Mason University, demonstrated how Operating Systems fail a USB Attack. They just used a smartphone connected to a PC through a USB cable and were able to hack it. The professor simply credited his successful exploit to the USB protocol which does not ask for authentication when an unknown device connects to a computing platform.
These are only a few instances on what an infected USB drive can do.
USBs – a threat for Corporate Networks
An employee can simply bring in an infected USB drive to office, knowingly or unknowingly, and connect it to his system and get it infected. The system then spreads its infection to other PCs over the network. A research report from Avast says that more than 60 percent of all malware in circulation can be spread via USB drives. To corporate networks, notorious USB devices are not just confined to spreading malware. They simply offer a way for indiscernible data stealing.
Precautions and necessary steps to be secure
The situation today isn’t so worse that the USB drives would simply force the users to face the threats they impose. It requires just a few changes in the default settings of USB ports to eliminate the hazards of notorious USB drives. Few of them are as follows:
- Disabling autorun option (Windows PCs)
- Blocking unauthorized USB devices
- Maintain personal and business USB drives separate. So that you don’t contaminate your office network from threats outside.
- Do not plug an unknown USB drive into your computer. This is a simple precaution but works best.
- As prevention is better than cure, you can just block USB drives on your computer/laptop (through registry key settings in Windows OS) permanently and use alternatives.