USB Flash Drive Malware: How It Works & How to Protect Against It
1 Star2 Stars3 Stars4 Stars5 Stars (3 votes, average: 4.33 out of 5)
Loading...

USB Flash Drive Malware: How It Works & How to Protect Against It

From the University of Illinois to Iran (and everywhere in-between), USB flash drive malware is a serious risk

Back in 2016, researchers from the University of Illinois left nearly 300 unmarked USB flash drives in and around the University campus to see how people reacted to them. All in all, 98% of the dropped devices were found by students and staff, and the study found that at least half of these were plugged into a host device to try to access the content.

For a hacker trying to contaminate a computer network, those statistics are pretty much a slam dunk and paints a picture of how careless we can be with our USB devices.

Let’s hash it out.

A History of USB Drive Malware

USB drives have been around for over 20 years, offering users a convenient method to store and move files between computers that aren’t digitally connected to each other.

Natanz nuclear facility, the target of the Stuxnet USB malware attack.

Cyber threat actors have routinely abused this capability with the most famous example being the ‘world’s first digital weapon,’ the Stuxnet worm first discovered back in 2010, which used USB devices to attack the network of an Iranian nuclear facility.

Although USBs are still frequently used, cloud services of today, such as Dropbox and Google Drive, have taken on much of the responsibility when it comes to file storage and transfer, and there is a greater understanding of the security risk that can be posed by USB devices. Millions of USB devices are still designed, produced and sold each year with many used at home and at work (they’re also still a very popular item during promotional giveaways).

In 2017, a Kaspersky Lab data study revealed that every year around one in four USB users across the globe are affected by a ‘local’ cyber incident. This can refer to breaches that result from viruses that are present on the user’s computer or are introduced by infected removable media.

The USB Malware Security Challenge

USB drives continue to pose a big challenge when it comes to information security for both consumers and businesses.

Although tactics to block threats of a malicious nature from USB drives have been around almost as long as the drives themselves and the danger of contracting a malware infection is widely understood, USB malware attacks are still occurring.

Why? People continue to plug USB drives into computer systems that are unprotected, so they’re making it easy for cybercriminals to penetrate their data.

No matter the various safeguards available, the fact remains that there will always be a considerable percentage of devices that aren’t running antivirus software, not set up to scan USB drives, or not set to disallow autorun.

This means that an infected flash drive plugged into an unprotected device could instantly infect it and spread the virus through any network it’s attached to.

How Do USB Devices Get Infected with Malware?

It’s possible to come across both unintentional and intentional infection. The Stuxnet worm is an example of the latter, where someone uploads malicious code onto the drive with the intention of filtering the code into the targeted network.

Unintentional infection might occur when someone plugs an unprotected USB into a poorly safeguarded system in an internet café, airport or anywhere with poor public endpoint security (which is about 70% of places). You may detect the virus sometime after you’ve plugged the device into your machine, but there’s no telling what damage may have already been done.

How to Protect Your USB Device

If you’re using a USB drive to transfer files across several host devices, it can make you vulnerable to malware – and you can never be too careful when it comes to USB security, particularly if you’re handling sensitive data.

Contracting a virus can take a matter of seconds from the moment you plug the device into the host network. Whether you contract ransomware, which locks down your entire system, or silent malware that infects your machine quietly, it could do huge damage by the time you’ve noticed it.

Unfortunately, USB flash drive malware doesn’t work like an email virus (which requires you to click on something), all it takes is plugging an infected USB into a machine. 

Having said that, there are several different methods that you can use to ensure that your data isn’t exposed and about to fall into the wrong hands.

How to Defeat USB Drive Malware: Software Security

Write Protectors

If your USB drive doesn’t include a hardware switch for write protection, then you should be using a software write protector, such as USB Write Protect 2.0. A software write protector will effectively prevent any data from being deleted as well as protect the device from malware being written onto your drive.

USB Anti-Virus

If you have write protection enabled, there is still a possibility of contracting a virus when you go to transfer files, so it makes sense to use a decent USB anti-virus such as ClamWin.

Encryption

If you’re looking to protect your privacy by securing your data, you could install an encryption program like VeraCrypt or BitLocker to Windows for password protection on your USB device.

This means that even if someone has access to your device, it will make it much harder for them to retrieve sensitive information or hide malicious files inside your existing files and folders.

Protect Your Host Device

If your device is unintentionally infected, you probably won’t know about it immediately. The best thing to do is to protect yourself from the outset by installing software that will inform you if your removable device is infected with malicious malware.

USB Firewall will protect your computer from third-party programmes introduced from a USB device by running in the background and informing you of suspicious activity.

How to Defeat USB Drive Malware: Hardware Security

Image via Geek.com

Keypad Flash Drive

Some flash drives are available with a keypad that allows you to create a unique password, which will physically lock the device (like a padlock). You’ll simply need to enter the unique password to access your device.  

Self-Destruct

Flash drives, such as Ironkey, will ‘self-destruct’ if the password is entered incorrectly too many times. There are also some flash drives which are configured to delete files after a certain period.

Hardware Encryption

If you need to transfer serious data onto a flash drive, you could opt for a flash drive with 128-bit AES hardware encryption. Hardware encryption is often considered a better option than software encryption since it doesn’t carry the same risk of getting hacked.

Conclusion

Stopping USB drive malware is important for individuals and for organizations. USB devices are still very much part of our everyday lives at work and at home, despite the emergence of Dropbox and Google Drive. However, unless we learn to protect the information we have stored on our USB devices, we’re guilty of making things much easier for those who wish to misuse our data.

4 comments
  • You didn’t specifically mention attacks against the USB drive firmware such as BadUSB. Are there any current mitigations against that type of attack?

    • I’m writing a tech report and using a USB stick to store all the info. I’m using a laptop that’s not connected to the internet. Can my report be compromised due to any kind of hacking. If so, what should I do in case this has occurred?

  • USB drive malware is a serious problem. it can be harmful for important personal information. we need to fix it immediately. get some idea from this article how to fix this problem. it will help you.

  • I’m writing a tech report and using a USB stick to store all the info. I’m using a laptop that’s not connected to the internet. Can my report be compromised due to any kind of hacking. If so, what should I do in case this has occurred?

Leave a Reply

Your email address will not be published. We will only use your email address to respond to your comment and/or notify you of responses. Required fields are marked *

Captcha *