Technology News

latest updates from easySERVICE™

One More BYOD Security Hazard: Latest USB Flash Drives

flash drive malware

You should be already aware of the data theft risks that USB flash drives pose to your company – even a seemingly lowly 2GB drive can hold a lot of precious data – but a new threat has emerged which makes them even more dangerous.

Hackers have come up with an ingenious way to bypass the Microsoft’s AutoRun protection measures present on Windows 7 and Windows 8 by making the flash drive pretend it’s a keyboard.

Within 50 seconds of first plugging one of these devices into a PC, the malicious scripts or files contained on it will be run and the system is compromised. This load time is cut down substantially on subsequent mountings of the device. Without a physical inspection of the device, it’s almost impossible to tell it apart from a benign flash drive.

Currently there are no security patches for this problem, and given the low-level nature of the access, it remains to be seen whether this is even possible.

Then there’s security software. While endpoint security can go some way to protecting against this sort of threat, this is a new threat and one that current security tools are not ready to deal with.

That leaves physical security. This includes:

  • Physically protecting USB ports.
  • Strict audit of USB hardware.
  • Using tamper-proof USB devices, such as IronKey USB flash drives.
  • Confiscation for inspection, and then destruction of unauthorized hardware.

All this might seem extreme, but at present this is all that companies have got to protect themselves against this low-cost, high-risk threat.

Share your thoughts in the comments below and don’t forget to like this post.

Source: Associated Press

 

Advertisements

One comment on “One More BYOD Security Hazard: Latest USB Flash Drives

  1. StellarPhoenixS
    April 15, 2014

    Reblogged this on Stellar Phoenix Solutions.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Information

This entry was posted on July 30, 2013 by in BYOD, Microsoft, Security, Technology and tagged , , , , , , , .
%d bloggers like this: