“We have a lab environment, and we have isolated sandboxed systems,” Novak continued.
When the company finds untrusted USB drives, it can test them, said Chris Novak, a director with the firm’s RISK team, a computer investigations group. “Do not trust, don’t plug or insert untrusted media into your computer.”įor anyone tempted by the relative ubiquity of USB drives, this is hard advice to take. Security services provider Verizon, which publishes the annual data breach report, recommends that companies attempt to keep track of whenever USB drives are used. “In the current world, there is no advice…except to know the provenance of the USB drive,” Bailey said. Would you open an email attachment from someone you did not know, or one that seemed suspicious? Opening files on an untrusted USB drive is similar, said Michael Bailey, an associate professor of electrical and computer engineering at the University of Illinois Urbana-Champaign and one of the co-authors of the research paper.
#SCAN THUMB DRIVE MAC#
While modern Windows and Mac systems no longer run programs on a USB stick by default, other attacks, such as BadUSB, can make a USB drive appear to be something else, such as keyboard, and then use that access to take malicious actions.
While some of the people made an attempt to check the drive for malware-scanning it with antivirus software, for example-very few seemingly understood the risk of using an untrusted USB drive. In a recent and more rigorous experiment, a group of researchers from the University of Illinois Urbana-Champaign, University of Michigan and Google, dropped nearly 300 USB thumb drives around six campus locations and found that at least 45 percent of them were plugged into a computer and perused by the person who found them. Fifteen of them were found by employees, and each of those was eventually plugged into a computer, unwittingly running a program that communicated with a “bad” server. A decade ago, a group of penetration testers-hackers who are paid to break into companies, a la Sneakers-dropped 20 USB sticks around the parking lot of a credit union. Maybe you know not to plug strange USB drives into your computer, but trends indicate that most people think nothing of it.
0 kommentar(er)
