Cyber Security – Are you protected against USB drives from all sources?
Here’s important cyber security news from Bryce Austin of TCE Strategy about something we rarely give a second thought to – USB storage devices:
“This has been a very exciting month in the world of cybersecurity!
… the USA Secret
Service has a bit of egg on its face after inspecting a USB drive from a
Chinese national who was arrested inside President Trump’s Mar-a-Lago resort.
The USB drive immediately began installing malicious files on the computer it
was plugged into (USB drives are a well-known vulnerability, as the act of
plugging them in is enough to allow files to be executed on a computer using
exploits called BadUSB and USBHarpoon). Details about the particular Secret
Service computer that was used to examine the USB drive in question have not
been released. If that computer was stand-alone (no network, no Internet, no
connections to anything other than a keyboard, monitor and mouse), then the
Secret Service followed basic cybersecurity best practices. An even better idea
would have been to use specialized equipment that is not a true
fully-functioning computer, but rather a piece of hardware specifically
designed to interrogate USB drives without risk of infecting a traditional
computer operating system. If the USB drive in question was plugged into a
networked computer, then it would be a breach of the most basic of
cybersecurity protocols. I have had the honor of speaking at Secret Service
events in the past, and I’m choosing to take the stance that the Secret Service
likely followed reasonable cybersecurity protocols, and that this issue is
being overblown. It would be in the public best interest for more details to be
released so that private companies can learn from this event.
In addition to a cybersecurity-focused
publication (Ars Technia), I’ve included two articles below from larger media
outlets (USA Today and Fox News). It is regrettable that best practices when
handling USB drives receives so little attention.
The takeaway from this event is simple: don’t
plug in USB drives without having a good, strong history as to where it has
been and who has used it. Think of USB drives like prescription drugs – do you
really want to swallow a pill that you aren’t 99.999% sure it is what it claims
to be? Of course not. Don’t let your computer swallow a poison pill either.
Throw out USB drives that have any reasonable chance of being infected with
malware.
https://www.usatoday.com/story/news/politics/2019/04/03/mar-lago-arrest/3356751002/
https://www.bleepingcomputer.com/news/security/usbharpoon-is-a-badusb-attack-with-a-twist/
Until next month, stay safe!”
About Bryce Austin:
Bryce Austin, CEO of TCE Strategy, provides CIO and CISO advisory level services and is a keynote speaker around the globe. Please click here to talk to Bryce about how he can help your organization.