The Security Risks of USB Drives
Introduction
USB drives are inexpensive, common, and convenient, but they can also be a major security risk. If you’re not careful, a USB drive could allow malware to infect your computer or may even be used to transfer data from one computer to another without your knowledge. In this article, we’ll discuss the risks associated with USB drives, including how they can be used as an attack vector for malware and share best practices to protect yourself before, during, and after use.
USB drives are incredibly insecure
USB drives are incredibly insecure. They’re easy to lose, and even easier to steal. They’re small and may contain valuable data, making them an attractive target for thieves. We’ve also seen cases where USB drives were embedded with malicious software that is activated when they are plugged into a computer. It is important that you protect yourself and your company by taking the appropriate precautions whenever you are using USB drives.
USB Drives Can Be Used to Bypass Security
USB drives can be used to access restricted data. This is a risk for all organizations, but especially those who have confidential information stored on their computers or networks. If information is accessible to the user, it may be accessible to the USB drive, as well.
For example, an employee with access to critical data could use a USB drive to easily transfer these files, bypassing security policies and protocols. Systems with access to critical or confidential information should have USB drives disabled and monitored to prevent these situations.
USB Drives and Personal Devices Pose a Threat Even When Empty
We have talked about how USB drives can be used to transfer data from one computer to another.
There are also risks associated with using USB drives even if you don’t transfer any files at all. It is easy for malicious software (malware) to be installed on a USB drive before you ever use it.
That malware could include code or scripts that automatically send files and other information from your computer to remote servers. This makes it so the attacker does not even have to hack into your systems, they can just wait until you plug in the infected USB drive and let the attack happen on its own.
Data Can Be Recovered from USB Drives, Even Deleted Files
Deleting a file is not enough to prevent unauthorized access. Even if you delete your files, reformat the USB drive, or physically damage it, data can be recovered.
Formatting a USB drive does not make it safe from any potential hacking attempts. A quick format only prepares the USB for new use by removing references to its data, it does not overwrite the actual data. While a full format will rewrite all sectors on the device with 0s (zeroes), there are tools that can easily recover that information. This may be helpful if you inadvertently format your USB drive, but it can provide a treasure trove of information to a malicious actor.
You should always avoid inserting unknown or untrusted devices.
USB devices can easily be modified to include malicious software, and you should always be careful about what you insert into your computer. It is safe to assume that a USB device could contain malicious software, even if it were given to you by someone or purchased at a store.
What may look like an innocent USB power cord or USB charger can be used to deliver malware or copy files from your device. Care should always be taken before connecting any device to your computer.
Conclusion
While convenient, USB drives can pose a serious risk to your computer systems and the data stored on them.
If you must use a USB, scan it first on an isolated computer with no data or network access and scan it for malicious software. Alternatively, you can use a ‘sandboxed’ virtual machine to scan, but the more restrictive you can be, the better.
Always follow company policies on the acceptable use and storage of data. You should never use a USB drive without encrypting it and its contents.
When you’re done with the drive, we recommend contacting an IT Asset Disposition (ITAD) specialist to ensure that the data is completely inaccessible. Without proper disposition, any data that was stored on that USB drive is at risk.
Developing good cyber habits are key to continued risk avoidance and data compromise.
