You’re walking along and minding your own business when you spot a USB thumb drive on the ground somewhere, maybe even on the floor in your office building. You might be tempted to see what’s on it, even if only to try to reunite it with its rightful owner.
Weaponized USB drives are a favorite trick of hackers, who know that leaving a drive lying around makes it pretty likely that someone will do the hard part for them. And they’re right: in a University of Illinois study a few years ago, researchers left some 300 USB drives around the campus. These drives were written with files that would report back if someone found the drive and used it on an internet-connected computer. And the campus population failed the test with flying colors: 98% of the drives were picked up, and at least one file was opened on nearly half of them.
USB drives are easy to lose, so maybe the one you found just fell out of a purse or pocket. If you’re a dry cleaner you might have a whole box of them from people forgetting to empty their pockets. But maybe someone wants access to your company’s information and left a drive conveniently planted in your parking lot. The trouble is, there’s no way to tell until it’s too late.
There are ways to check a drive safely, one being to open it on an “air-gapped” PC … one that’s not connected to the internet and where the OS can be easily wiped and reinstalled. Note that this does not mean disconnecting a PC from your network, checking out the drive and then reconnecting the PC. The malware on that drive might hide in the shadows for quite a while before it unleashes its attack.
Other options include checking out the drive’s contents in a virtual Linux environment, or creating a virtual OS environment inside your real OS.
But you know what? It’s much easier and safer to set your curiosity aside and just keep walking.
Questions about securing your business against cyber threats? Contact Hill Tech Solutions.