If you ever come across a USB or thumb drive, that you do not recognize, leave it where it is or destroy it. It may be one you found on the ground outside your office, in a public place or even one sent to you out of the blue. Yes you may be curious and want to return it to its owner or see what it contains but the risks are too high.

Consider this jaw-dropping example. There is an Iranian nuclear facility where a virus (Stuxnet) found it way onto computers that were not even connected to the internet! It is believed staff plugged in a USB drive they found in the car park. From there the virus reached the computers controlling the centrifuges, causing them to become damaged.

Risk of USB drive attack

Now, you might be thinking, “I am not an Iranian nuclear facility”, but that doesn’t prevent cybercriminals from wanting to access your network and systems. USB drives are an easy way that bad actors can gain access. In fact, one study found that 60 percent of people were likely to connect random thumb drives found near their building and if the business logo was on the drive, the number went up to 90 percent!

It is very easy for hackers to program USBs or even purchase pre programmed drives to act maliciously once connected to a computer. Some of the actions that might happen includes:

• steal company data.
• spread an infection across the entire network.
• gain access to passwords.
• encrypt data in exchange for a ransom.
• slow down or damage equipment,

Most of these can happen without the user even knowing it, as the malware runs quietly in the background.

Avoid USB drive attacks

Here are a few ways to help keep your business safe from infected USB drives?

1. Do not plug in unknown flash drives. Hackers will try to take advantage of human curiosity or their desire to help.
2. Use different drives for personal and business computers. This helps cut down cross infection.
3. Enable security measures on USB drives, such as fingerprint authentication.
4. Keep your computer software and hardware up to date by patching regularly.
5. Disable the Autorun function within Windows. This will prevent any malicious software from immediately running when the drive is plugged in.

Need help with a security incident or want to improve your security? The experts at DP Computing are here to help. Contact us today for a free no obligation meeting to discuss your needs.