Risks Associated with USB Drives
USB drives are known as flash drives, thumb drives, or memory sticks, but whatever you call it, it is a widely used way to transfer files. It is easy to plug into any computer, download a file, and then keep it on your key chain ready to load onto another computer later. Unfortunately, criminals know this and have used it against businesses all over the world.
How do they do this? Simple. USB drives are designed to be taken from one computer to another, so they are a great way to spread malicious software. There are many reports of hackers dropping “dirty” USB drives in hospital parking lots just waiting for someone to pick it up and think, “Hey! Free drive! It’s my lucky day!” and then to plug it into a hospital computer. Of course, as soon as that happens, the drive will load ransomware and lock down the entire system.
Another tactic is to search for USB drives connected to a computer and loading a virus on it, ready to activate as soon as it is plugged into a new computer. Taking a USB drive from the library computer to your own home computer, is like not washing your hands after using the restroom. It’s a perfect way for “bugs” to move around.
“Criminals know that you like how convenient and mobile USB drives are, and they use them to spread malware.”
If you want to make sure that your USB drive is not a gaping hole in your security, there are a number of things you can do.
Disable your USB ports if you don’t need them.
This is an especially good option for businesses. Sometimes it is better to just eliminate the risk altogether. For most situations, it is acceptable to ask your employees to use a different method to transfer files. Disabling your ports is rather easy in Windows 10. You simply locate the ports in your device manager, right click, and select “Disable”.
Never Use USB Drives You Find
This is pretty straight forward. If you didn’t go to the store and pay money for a new, unused USB drive, don’t plug it into your computer.
Write Disable Your USB Drives
Malware cannot save a virus on your USB drive if you disable all writing onto the drive. Writing to a drive is another way of saying saving a file on the drive. For larger sticks, this is a little slider or switch physically on the device. It’s a lot like the write protect slider on old 3.5 inch “floppy” disks. (Am I showing my age?) Smaller USB drives don’t have this feature; there would be no where to put it. For these, you must do it through software. Computerhope.com has a good tutorial on how to do this.
Of course, this can cause problems if you are trying to save a file. This solution is best for drives that are used to store files that are already created and simply need to be moved from one place to another. An example would be using a USB drive to boot software.
Scan USB Drives for Malware on a Regular Basis
Whatever anti-virus/anti-malware software you use, it should be able to scan a USB drive plugged into the computer. The hardest part of this is remembering to scan it, since it might not be plugged in during your scheduled scans. My suggestion is to make a habit of scanning it each time you plug it in, but especially each time you return from using it on a different computer. You may have to create a custom scan for this. I use Norton Security for my computer, so here is how you do it on my system.
- Plug in your USB drive. Go to your Scans page in your anti-virus program. Select “Custom Scan” and click “Go”.
2.Next, click “Create Scan”
3. Name your new scan and select “Add Drives”
4. Find your USB drive on the list, and click “Add”
5.Verify that your drive is on the list, then select “Next” across the next few pages, accepting the default settings, and finally hit “Save”
6. Your new scan should now be in the list of custom scans. To run it, simply click “Run” next to the USB scan you just created.
Part of having a secure system is considering all of the different ways that hackers can access your system. USB ports are just one example of a vulnerability. Doing the above steps will go far to protect this particular vulnerability. If you wish to have your system evaluated for other vulnerabilities, please contact us. Our rates are reasonable and you have the chance to sit down with a security expert one-on-one who can help you understand all the aspects of your cybersecurity.