1 Comment

The USB Drive: Are We Facing The Most Dangerous Cyber Weapon Yet?

The unassuming USB drive – it’s small, handy and potentially the most dangerous technological weapon yet to emerge in cyberspace.  According to some estimates, millions of computers worldwide have been infected since June with a virus known as Stuxnet, a “worm” that infiltrates and re-programs computer systems handling highly sensitive content (e.g., military installations, shipping, etc.).  As an article in Slate.com quoted earlier this month, “the deviousness of [Stuxnet’s] design has prompted many researchers to call it a ‘cyber-weapon,’ one perhaps created by the United States or Israel to disrupt Iran’s nuclear program.”

How does Stuxnet invade such guarded computer systems, you ask?  It does so through one of the most common devices in today’s tech market – a simple USB drive like the one pictured below:

Commonplace and, while it may surprise you, an almost perfect carrier for computer viruses, worms, and other malware.

Moreover, Stuxnet is hardly a fluke.  Conficker, a virus that hijacked millions of PCs last year infected the French Navy and other locations by way of an infected USB drive.  In August, the U.S. military finally admitted that it was hit by a worm called agent.btz two years ago “when an infected flash drive was inserted into a U.S. military laptop at a base in the Middle East.”  Finally, a tainted USB stick is blamed for the deadliest air disaster in Spanish history.

What makes the USB drive so perfect is that it is – seemingly – so harmless and innocent. These qualities, combined with it being everywhere and frequently in the hands of uninformed computer users, makes it potentially catastrophic. For example, when was the last time someone offered to download something – anything – onto your computer or laptop by way of a USB drive?  Perhaps you were at a law conference somewhere and someone offered to download a sample motion for you. Maybe it was a copy of a pivotal case from Lexis or Westlaw. Using a USB drive just seemed like the most convenient way to transfer information.  No big deal, you say.

Maybe, instead, you have several USBs in your office right now.  Do you know where all of them came from?  Do you know where all of them have been?

If the answer to these questions is anything other than a confident “yes,” then you may want to educate – or re-educate – yourself about the dangers of infected USB drives.  As a start, the Slate.com article referenced above is excellent and approachable even if you are not particularly “techy.”

You can also read about the Spanish airline disaster here and here.  These last two article truly underscore the ability of cyber weapons to threaten not just technology or information, but human lives.

So, the next time someone offers to stick their USB in your PC, politely say, “No thanks!” Protect yourself, your information, and the information of your clients from cyber attacks.



One comment on “The USB Drive: Are We Facing The Most Dangerous Cyber Weapon Yet?

  1. This sort of problem has existed since we’ve had PC’s. There were problems with viruses spreading even when these machines weren’t hooked up to a network and didn’t have a modem to access bulletin boards. The Internet? What’s that? Of course there were no USB devices back then either, so what was the danger to these isolated stand alone machines?

    The deadly 3.5 inch “floppy” drive that was the means of sharing files, documents and installing programs. This was the such a great improvement since they held an amazing 1.2 meg. It was frequently referred to as the “sneaker” (as in tennis shoes) network because viruses were walked from one machine to the other by a person rather than by a wire or wireless signal. That is very like how they are being distributed now with USB drives. Viruses were often spread this way especially since back then, most people didn’t have a clear concept of what a virus was much less how to prevent spreading them.

    The same precautions that were needed then are needed now and that is having all USB devices scanned on a standalone or a machine otherwise isolated from the main network. This would insure that they are virus free before they are allowed to connect to machines on the network. It would probably be cost effective for companies with a larger amount of employees to have several of these “testing stations” so there would no real slow downs if a testing machine became infected. This would probably be a good way to get a few more miles out of those old workstations before they are completely retired.

    Although it does require more time, if there were checking stations set up in the normal “security” area it would be convenient for employees coming into work to have their devices scanned and cleared before they are even in their work area. This would also help employees become more aware of the dangers inherent in these drives. Nobody would want to be the one to set off the “contaminated” alarm.

    Most small USB “thumbnail” or “key” devices would scan in a couple of minutes but larger USB external hard drives that currently go up to 3 terabytes, may be a bit of a problem because they would take a considerable amount longer. They could be left in the security area and the employee notified when it had completed scanning.

    The inconvenience caused by the increased time to clear the larger USB (or Fire-wire, or eSATA) external hard drives would tend to discourage their use as a “transport” device. Most people do not need to transfer huge amounts of data between their home and office machines and I’m sure most companies would discourage their regular use in and out of their facilities and that would be a good thing!


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: