Dangers Lurking Behind Unknown USB Devices

USB devices are external hard drives and flash drives that are small, inexpensive, and portable, which are used widely for storing and transferring files from one device to another. However, the same features make them attractive and popular among cybercriminals. They use USB devices to distribute malicious and spreadable malware onto your devices. So, it’s essential to understand more about the dangers caused by unknown USB devices and how to protect your systems from damage.

What are the risks involved with USB devices?

Attackers use USB devices to infect other computers with malware which will download malicious code onto the drive when plugged into a computer.

Some attackers infect items such as electronic picture frames and USB drives during production. Then later, when users buy the infected products and use it, the malware is installed on their computers.

Attackers can also use USB devices to steal data directly from a computer. A computer’s memory stays active for several minutes without power making it vulnerable even after turned off. If an attacker succeeds to plug a USB drive into the computer during that time, it is possible to quickly reboot the system from the USB drive. Data can be then easily copied onto the drive.

What makes USB devices so attractive for cyberattacks?

Attackers make use of human curiosity:

Cybercriminals rely on the victim’s curiosity to plug in the unknown device to their computers to check its content. Surprisingly most often it’s effective!

When you find a USB device, you get curious to know the content. Most cases the attackers label them with names like “HR files” or “Staff Bonuses 2020” to tempt users to open it.

All the hard work is done by USB Device:

Cybercriminals make use of USB devices’ ability to bypass all of your Cyber-defences. Once the USB is plugged in, it means it has already bypassed the protection offered by your firewall and other cyber-defences.

A cyber virus can stay unnoticed:

Malware is sneaky. They can remain unnoticed for weeks or months after infecting your device. The damage may not be immediately visible. It may not be detected until the damage has already been done, which is called a ‘Drive-by Attack’ or ‘Drop Attack’.

How can you protect your data from infected USBs?

Here are some measures to protect your data from the dangers of unknown USB devices:

Endpoint Security

It lets you have control over how your devices treat USB devices when they’re plugged in. You can regulate by giving authority to only certain devices to read them, thus restricting the chance of human error.

Use USB security features

You should employ passwords and encryption features on your USB device to protect your data. This way, you can also prevent unauthorised people from accessing your USB. It’s also wise to back up your data on a secondary USB so you won’t lose your data even if your primary USB is lost.

Manage personal and business USB devices separately

You must avoid using a personal USB device on your business PC because the chances are that it may contain malware that could compromise your entire business network. Moreover, It’s recommended to not plug in USB devices that contain corporate data into your PC.

Avoid plugging an unknown USB device into your PC

Do not plug unknown USB devices into your own PC. It may consist of malware that could infect your devices. It could also steal and damage your personal information. Likewise, if you find a USB, it’s wise to report it to your IT department.

Disable Autorun

Windows consists of an Autorun feature that opens USBs, CDs and DVDs immediately after they are inserted into your PC. Disable this feature to prevent malicious code from an infected USB device entering your PC from opening automatically.

Implement security software and keep them updated

Use a firewall, anti-spyware or anti-virus software to make your device less vulnerable to attacks. Also, ensure the software on your device is updated since attackers use the cracks in out of date software to attack.

Multi-layered Protection

Use multiple layers of protection because USB devices have the ability to bypass your standard firewall. So, it’s vital to invest in a reliable backup system beside strong anti-virus software to protect your business. These safety rules must also be a part of employee workplace guidelines, so that they do not infect the organisation systems unknowingly. To know more about how to protect your business from cyberattacks or for a complete defence software for your business, contact us or email at cybersecurity@computingaustralia.group. Our Cybersecurity  experts in Perth are 24/7 available to assist you.

Jargon Buster

Malware – a collective name for malicious software intentionally created to cause damage to computers, networks and users. Common types of malware include viruses, ransomware, spyware, adware and trojans.
USB – Universal Serial Bus is a plug and play interface that lets a computer to communicate with peripheral and other devices.