For a hacker trying to contaminate a computer network, those statistics are pretty much a slam dunk and paints a picture of how careless we can be with our USB devices.<\/p>\n\n\n\n
Let\u2019s hash it out.<\/span><\/p>\n\n\n\n USB drives have been around for over 20 years, offering users a convenient method to store and move files between computers that aren\u2019t digitally connected to each other.<\/p>\n\n\n\n Cyber threat actors<\/a> have routinely abused this capability with the most famous example being the \u2018world\u2019s first digital weapon,\u2019 the Stuxnet worm<\/a> first discovered back in 2010, which used USB devices to attack the network of an Iranian nuclear facility.<\/p>\n\n\n\n Although USBs are still frequently used, cloud services of today, such as Dropbox and Google Drive, have taken on much of the responsibility when it comes to file storage and transfer, and there is a greater understanding of the security risk that can be posed by USB devices. Millions of USB devices are still designed, produced and sold each year with many used at home and at work (they\u2019re also still a very popular item during promotional giveaways).<\/p>\n\n\n\n In 2017, a Kaspersky Lab data study revealed that every year around one in four USB users across the globe are affected by a \u2018local\u2019 cyber incident. This can refer to breaches that result from viruses that are present on the user\u2019s computer or are introduced by infected removable media. <\/p>\n\n\n<\/span><\/span>\n\n\n\n USB drives continue to pose a big challenge\nwhen it comes to information security for both consumers and businesses. <\/p>\n\n\n\n Although tactics to block threats of a\nmalicious nature from USB drives have been around almost as long as the drives\nthemselves and the danger of contracting a malware infection is widely\nunderstood, USB malware attacks are still occurring. <\/p>\n\n\n\n Why? People continue to plug USB drives\ninto computer systems that are unprotected, so they\u2019re making it easy for\ncybercriminals to penetrate their data. <\/p>\n\n\n\n No matter the various safeguards available,\nthe fact remains that there will always be a considerable percentage of devices\nthat aren\u2019t running antivirus software, not set up to scan USB drives, or not\nset to disallow autorun. <\/p>\n\n\n\n This means that an infected flash drive\nplugged into an unprotected device could instantly infect it and spread the\nvirus through any network it\u2019s attached to. <\/p>\n\n\n\n It\u2019s possible to come across both\nunintentional and intentional infection. The Stuxnet worm is an example of the\nlatter, where someone uploads malicious code onto the drive with the intention\nof filtering the code into the targeted network.<\/p>\n\n\n\n Unintentional infection might occur when someone plugs an unprotected USB into a poorly safeguarded system in an internet caf\u00e9, airport or anywhere with poor public endpoint security (which is about 70% of places)<\/a>. You may detect the virus sometime after you\u2019ve plugged the device into your machine, but there\u2019s no telling what damage may have already been done.<\/p>\n\n\n\nA History of USB Drive Malware<\/h2>\n\n\n\n
![\"\"](\"https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2019\/12\/Natanz-nuclear-300x225.jpg\"){kind=spacer}
The USB Malware Security Challenge<\/h2>\n\n\n\n
How Do USB Devices Get Infected with Malware?<\/h2>\n\n\n\n