(4 votes, average: 3.50 out of 5, rated)

December 16, 2019 7

USB Flash Drive Malware: How It Works & How to Protect Against It

in Hashing Out Cyber Security

From the University of Illinois to Iran (and everywhere in-between), USB flash drive malware is a serious risk

Back in 2016, researchers from the University of Illinois left nearly 300 unmarked USB flash drives in and around the University campus to see how people reacted to them. All in all, 98% of the dropped devices were found by students and staff, and the study found that at least half of these were plugged into a host device to try to access the content.

For a hacker trying to contaminate a computer network, those statistics are pretty much a slam dunk and paints a picture of how careless we can be with our USB devices.

Let’s hash it out.

A History of USB Drive Malware

USB drives have been around for over 20 years, offering users a convenient method to store and move files between computers that aren’t digitally connected to each other.

Natanz nuclear facility, the target of the Stuxnet USB malware attack.

Cyber threat actors have routinely abused this capability with the most famous example being the ‘world’s first digital weapon,’ the Stuxnet worm first discovered back in 2010, which used USB devices to attack the network of an Iranian nuclear facility.

Although USBs are still frequently used, cloud services of today, such as Dropbox and Google Drive, have taken on much of the responsibility when it comes to file storage and transfer, and there is a greater understanding of the security risk that can be posed by USB devices. Millions of USB devices are still designed, produced and sold each year with many used at home and at work (they’re also still a very popular item during promotional giveaways).

In 2017, a Kaspersky Lab data study revealed that every year around one in four USB users across the globe are affected by a ‘local’ cyber incident. This can refer to breaches that result from viruses that are present on the user’s computer or are introduced by infected removable media.

The USB Malware Security Challenge

USB drives continue to pose a big challenge when it comes to information security for both consumers and businesses.

Although tactics to block threats of a malicious nature from USB drives have been around almost as long as the drives themselves and the danger of contracting a malware infection is widely understood, USB malware attacks are still occurring.

Why? People continue to plug USB drives into computer systems that are unprotected, so they’re making it easy for cybercriminals to penetrate their data.

No matter the various safeguards available, the fact remains that there will always be a considerable percentage of devices that aren’t running antivirus software, not set up to scan USB drives, or not set to disallow autorun.

This means that an infected flash drive plugged into an unprotected device could instantly infect it and spread the virus through any network it’s attached to.

How Do USB Devices Get Infected with Malware?

It’s possible to come across both unintentional and intentional infection. The Stuxnet worm is an example of the latter, where someone uploads malicious code onto the drive with the intention of filtering the code into the targeted network.

Unintentional infection might occur when someone plugs an unprotected USB into a poorly safeguarded system in an internet café, airport or anywhere with poor public endpoint security (which is about 70% of places). You may detect the virus sometime after you’ve plugged the device into your machine, but there’s no telling what damage may have already been done.

How to Protect Your USB Device

If you’re using a USB drive to transfer files across several host devices, it can make you vulnerable to malware – and you can never be too careful when it comes to USB security, particularly if you’re handling sensitive data.

Contracting a virus can take a matter of seconds from the moment you plug the device into the host network. Whether you contract ransomware, which locks down your entire system, or silent malware that infects your machine quietly, it could do huge damage by the time you’ve noticed it.

Unfortunately, USB flash drive malware doesn’t work like an email virus (which requires you to click on something), all it takes is plugging an infected USB into a machine.

Having said that, there are several different methods that you can use to ensure that your data isn’t exposed and about to fall into the wrong hands.

How to Defeat USB Drive Malware: Software Security

Write Protectors

If your USB drive doesn’t include a hardware switch for write protection, then you should be using a software write protector, such as USB Write Protect 2.0. A software write protector will effectively prevent any data from being deleted as well as protect the device from malware being written onto your drive.

USB Anti-Virus

If you have write protection enabled, there is still a possibility of contracting a virus when you go to transfer files, so it makes sense to use a decent USB anti-virus such as ClamWin.

Encryption

If you’re looking to protect your privacy by securing your data, you could install an encryption program like VeraCrypt or BitLocker to Windows for password protection on your USB device.

This means that even if someone has access to your device, it will make it much harder for them to retrieve sensitive information or hide malicious files inside your existing files and folders.

Protect Your Host Device

If your device is unintentionally infected, you probably won’t know about it immediately. The best thing to do is to protect yourself from the outset by installing software that will inform you if your removable device is infected with malicious malware.

USB Firewall will protect your computer from third-party programmes introduced from a USB device by running in the background and informing you of suspicious activity.

How to Defeat USB Drive Malware: Hardware Security

Image via Geek.com

Keypad Flash Drive

Some flash drives are available with a keypad that allows you to create a unique password, which will physically lock the device (like a padlock). You’ll simply need to enter the unique password to access your device.

Self-Destruct

Flash drives, such as Ironkey, will ‘self-destruct’ if the password is entered incorrectly too many times. There are also some flash drives which are configured to delete files after a certain period.

Hardware Encryption

If you need to transfer serious data onto a flash drive, you could opt for a flash drive with 128-bit AES hardware encryption. Hardware encryption is often considered a better option than software encryption since it doesn’t carry the same risk of getting hacked.

Conclusion

Stopping USB drive malware is important for individuals and for organizations. USB devices are still very much part of our everyday lives at work and at home, despite the emergence of Dropbox and Google Drive. However, unless we learn to protect the information we have stored on our USB devices, we’re guilty of making things much easier for those who wish to misuse our data.

How to Fix ‘ERR_SSL_PROTOCOL_ERROR’ on Google Chrome

5 Ways to Determine if a Website is Fake, Fraudulent, or a Scam – 2018

Re-Hashed: How to clear HSTS settings in Chrome and Firefox

Re-Hashed: How to Fix SSL Connection Errors on Android Phones

Re-Hashed: The Difference Between SHA-1, SHA-2 and SHA-256 Hash Algorithms

Re-Hashed: Troubleshoot Firefox’s “Performing TLS Handshake” Message

How to fix the SSL_ERROR_RX_RECORD_TOO_LONG Firefox Error

The Difference Between Root Certificates and Intermediate Certificates

The difference between Encryption, Hashing and Salting

Rehash: How to Fix the SSL/TLS Handshake Failed Error

How to Remove a Root Certificate

This is what happens when your SSL certificate expires

How strong is 256-bit Encryption?

The 25 Best Cyber Security Books — Recommendations from the Experts

Cipher Suites: Ciphers, Algorithms and Negotiating Security Settings

Browser Watch: SSL/Security Changes in Chrome 58

Re-Hashed: How to Trust Manually Installed Root Certificates in iOS 10.3

Taking a Closer Look at the SSL/TLS Handshake

Executing a Man-in-the-Middle Attack in just 15 Minutes

How to View SSL Certificate Details in Chrome 56

New Industry Standards Working Group Aims to Define Industry Terms

Don’t Let These Password Cracking Attacks Catch You Off Guard

Gartner Says PKI Was a Bigger Challenge in 2023 Than MFA

A Look at U.S. Business Email Compromise Statistics (2024)

PKI Mistakes That Were So Bad They Made Headlines (12 Examples)

How to Sign a Word Document Using a Digital Signature Certificate

5 Ways to Avoid Your Company Falling for Deepfake Scams

How Do I Make My Website Secure? The Essential Guide

The Ultimate Guide to 13 U.S. Data Privacy Laws (And What They Mean to Your Business)

Demystifying SAML Authentication: A Look at the Role of SAML in SSO-Based Access Management

Quantum Computing Just Took a Big Step Forward

20 Generative AI, ChatGPT & Deepfake Statistics You Should Know For 2024

‘Authentic’ Is More Than Merriam-Webster’s Word of the Year For 2023

Key Takeaways from the Second PKI Consortium Post-Quantum Cryptography Conference

6 Dangers of Generative AI and What’s Being Done to Address Them

OCSP vs CRL: What Each Is & Why Browsers Prefer One Over the Other

Google & Yahoo to Roll Out New Email Authentication & Spam Prevention Requirements in February 2024

A Look at 30 Key Cyber Crime Statistics [2023 Data Update]

How to Create a Custom Digital Signature in Adobe Acrobat Reader

How to Digitally Sign a PDF in Adobe Acrobat (A Step-By-Step Guide with Pics & Video)