Your browser is obsolete!

The page may not load correctly.

Unexpected guests

Незваные гости

Other issues in this category (55)
  • add to favourites
    Add to Bookmarks

Come one, come all! Get your free flash drive!

Read: 862 Comments: 15 Rating: 43

Unlike in the past, today most malicious programs are Trojans. They can't replicate themselves—users do that for them, albeit unknowingly.

Removable media remains one of the main ways malware is transported between computers. Once malware infects a system, it can be written onto all the removable media connected to the machine. The user takes care of the rest. In the corporate segment, this infection technique is used to compromise servers and ATMs.

You download files from your friends' and colleagues' removable media without scanning them with an anti-virus, right? Because you don't want to waste your time?

However, if criminals require guaranteed access to a target machine in order to spread Trojans, they can't rely on an accidental infection via a removable data storage device. Of course, they can identify an employee who can be bribed or intimidated into cooperating with them. However, this approach is risky and time consuming. Or they could just scatter removable media around the target company's premises. For example, in a parking lot. Sounds funny, right?

CompTIA conducted an experiment that involved leaving two hundred flash drives in public settings in four US cities.

  • Twenty percent of the removable drives were picked up and plugged into devices connected to the Internet. Researchers determined that users subsequently opened text files stored on the drive (indeed, who can resist the curiosity?), opened unknown URLs and sent emails to addresses found on the contacts list. Not only did this reveal how careless users could be, but it also showed that their PCs weren't protected from these kinds of threats.
  • Ninety-four percent of those who used the flash drives connected their laptops and handhelds to public—the least secure—Wi-Fi hotspots.
  • Sixty-nine percent of them worked with corporate information.
  • Thirty-eight percent used weak passwords.
  • Thirty-six percent used corporate email for their personal needs, and sixty-three percent also used corporate phones.

The complete experiment report (in English).

You think that data theft and infection are the only threats?

Trojans on removable media can render anything with a USB interface non-operational—not only desktops, but also, for example, medical equipment.

Ask yourself, what would you do if you found a flash drive? And what about your company’s employees? Your children? And if the owner didn’t turn up in a month?

Dr.Web recommends

  1. Computers should be protected to prevent the use of untrusted removable media. Use Dr.Web Security Space to create a whitelist of removable data storage devices that can be used with your computer, and restrict user permissions for accessing information stored on these devices. To learn how to do this, please refer to the Dr.Web Security Space documentation.
  2. All removable media devices that have been used on another computer must be scanned by an anti-virus being used on your computer.

    Caution! Do not remove removable media while an anti-virus scan is running! This can damage your data.

  3. The preventive protection available in Dr.Web Security Suite and Dr.Web Katana will prevent any intruders from gaining access to your computer. To find out more about how to control Dr.Web preventive protection, join our information project Configure Dr.Web 11.0.

Rate this issue and receive Dr.Weblings! (1 vote = 1 Dr.Webling)

Sign in and get 10 Dr.Weblings for sharing the link to this issue via social media.

[Twitter]

Unfortunately, due to Facebook's technical limitations, Dr.Weblings cannot be awarded. However, you can share this link with your friends for free.

Tell us what you think

Leave your comment on the day of publication and get 10 Dr.Weblings, or get 1 Dr.Webling for a comment posted any other day. Comments are published automatically and are reviewed by a moderator. Rules for leaving comments about Doctor Web news items.

To leave a comment, you need to log in under your Doctor Web site account. If you don't have an account yet, you can create one.

Comments