Don’t Plug In Anything To Unknown Computer Devices
Key Points:
- We’ve all done it and never given it a second thought.
- A stranger stops you and asks if this is your USB drive.
- It took 14 months to eradicate the worm that ate the Pentagon.
- These five steps protect your information.
- A common sense tip to avoid a cybersecurity nightmare.
Sharing phone chargers, or borrowing someone else’s USB drive, flash drive, or stick is so common we never stop to think if that device is genuinely safe. We’ve all done it and never given it a second thought.
According to the Cybersecurity & Infrastructure Security Agency (CISA), attackers often use USB drives to infect unprotected computers with malware. With that level of sabotage, Duleep Pillai has a warning in today’s video.
Is This Your Thumb Drive I Found On The Ground?
All it takes is a brief encounter when a stranger stops you and asks if the USB drive they found belongs to you. You may say it’s not, but the passerby may say you can have it because they don’t use them. Once in your possession, would you plug it into your computer?
Unfortunately, many do, not realizing it may have malware stored inside. The moment it’s plugged into a USB port, the attack begins. That scenario is commonly known as a USB drop attack, and the person who gave it to you is potentially a cybercriminal.
Here are the main types of attacks from a USB drive or stick.
- Malicious Code — A user clicks on an unknown file from the drive. The malicious code immediately activates, permitting more malware to download from the Internet.
- Social Engineering — The thumb drive user gets tricked into going to a phishing site, which tricks the individual into giving away their login credentials.
- Human Interface Device Spoofing — This device resembles a USB stick. However, once plugged in, the computer detects that it is an attached keyboard. That initiates keystrokes commands to the computer, giving the hacker remote access.
Remember The Worm That Ate The Pentagon?
Of all the federal agencies and entities, it was hard to believe. The worst cyberattack in Department of Defense history started because someone found a USB drive, in a U.S. military installation parking lot, in the Middle East.
That’s when the Agent.btz worm started crawling through the DOD’s classified SIPRNet. It was a flash drive infected with a virus. After plugging it into one of the Defense Department’s computer networks, it rapidly spread across classified and unclassified networks.
Oddly enough, no one knew the device was plugged in and went undetected until the NSA’s Advanced Networks Operations team found it. Though it took 14 months to eradicate it, in the end, it led to the creation of the 11th military unified command, known as The U.S. Cyber Command.
Here’s How You Can Proactively Protect Your Data
Protecting your data from an unknown device you discovered or given is found in these five steps. So, before you consider plugging into an unknown computer device, do this first:
- Never plug an unknown USB drive into your computer.
- Take full advantage of every security feature on your device.
- Always keep personal and business USB drives separate.
- Check your settings and disable the autorun feature.
- Use and maintain security software, and keep it updated.
These steps may seem obvious to most, but many forget to protect their computers. Your approach to protecting your data will improve now that you have them.
Here’s A Common Sense Tip From Veltec Networks
Using an available USB port to charge your phone or tablet is often tempting. However, that quick charge could expose your device to a malware attack. Your best option is to use a reputable and recognized device charger. Better yet, do this first!
Double-checking what you’re using or plugging into is crucial to avoid a cybersecurity nightmare. If you’re unsure if the device is safe to use or plug into, contact us today or call Toll Free at (855) 5-VELTEC to speak to a Veltec Networks cybersecurity expert for assistance.