If you’re like me, the USB has been an effective tool for both charging devices and portability of files. There are a number of USB vulnerabilities that you should be aware of.
Here are 6 USB Vulnerabilities that you should be aware of, and at the end of this article we’ll give you few ways to protect yourself.
Six USB Vulnerabilities
1/6 USB Vulnerabilities — Losing Your USB Flash Drive
The typical use case of the USB drive is that you copy your file onto the drive and use it for a presentation or for work from home. The moment your use for the file or files are over the USB drive is discarded. A shocking 35% of USB flash drives are used exactly once. Once lost, whatever file was on that drive: sales reports, contract terms, client or medical information have been given to an unauthorized party. In fact, this simple and innocuous activity may be considered a Data Breach, worthy of notice to regulators, third parties and clients.
2/6 USB Vulnerabilities — Finding a USB Flash Drive
A typical security assessment of any organization will have as a component an exercise to see how many people pick up cool looking USB drives and plug them into the network. Free stuff is hard to resist, but you may also just be looking to discover whose USB drive it is. Don’t do it! It is possible malware could be lurking in these found drives and are ready to infect your computer and your network. As soon as you plug it in, you and your network are vulnerable.
3/6 USB Vulnerabilities — Giving a USB Drive Away
This is along the lines of Vulnerability 1. Never give away a USB drive without ensuring that the data on the drive has really been removed. Again, releasing data to an unauthorized party could be considered a data breach.
4/6 USB Vulnerabilities — USB Specific Malware
One of the problems with some USB drives is that they are programmable. Unfortunately the firmware can be updated by those wanting to steal your data or other assets, and this type of malware goes largely unrecognized by antivirus software. For example, this type of malware could intercept traffic between your keyboard and log it all, or change what sites you visit by altering your DNS Settings. In the latter, you thought you were going to your bank website, but instead you went to hacker’s website where your credentials were stolen.
5/6 USB Vulnerabilities — Recognize Your Drive
In a box full of drives, can you recognize your own ? It’s very common for users to accidentally grab the wrong one, or for someone else to grab yours. This can be both embarrassing, and again a potential data breach. A Name written with a Sharpie can do the trick.
6/6 USB Vulnerabilities — Using USB Ports to Recharge
It can can be very appealing to plug your USB device into a public charging station. There is always a large queue around these stations at Airports and other public venues, but because the USB protocol is used for both charging and sharing data, you could also be exposing your data to criminals.