EOL IT Services has now merged with tier1 Asset Management Ltd

Is that USB Flash Drive a Security Risk?

by | Nov 10, 2014 | IT Security

USB Flash Drives are so useful and so commonly used by most of us today that it would be difficult to imagine a world of computers without them. However, in spite of their benefits, there is a possibility that they also pose a security threat by result of a programmable chip inside them. This chip has been found in many different types of USB devices and can allow 3rd parties access into your computer systems.

Read this guide to learn what is does and how you can minimise the risks for your business.

What does it do?

Researchers have developed a piece of software to demonstrate what this programmable chip inside the USB Flash Drives are capable of.  The Flash Drives can be used to completely take over any PC into whose USB port they are inserted, allowing them access to all data on that PC. It has the ability to send codes both to the computer from the USB and from the USB to the PC. Tracking web history, downloading and uploading files and even adding malicious and infected software into installations on the PC.

In fact, it’s so complex that it is able to control keyboards, thus is able to type commands. This means that a seemingly harmless, USB Flash Drive would be able to carry out any task that any computer user could.

The worse news is that nothing can really be done to prevent these malicious attacks. Of course, you can scan and delete files on these flash drives, but it is nigh on impossible to even come close to destroying these types of files. This is because, instead of the files being stored in a folder on the device, they are actually installed in the firmware of the device itself, effectively reprogramming it.

How can you minimise the risk to your business?

In order to reduce the risk that your business will fall victim to this problem, you and everyone within your business must change their behaviour with regards to using USB Flash Drives.

It is vital that you only use USB devices from trusted sources. Never, for any reason, borrow one from someone outside the business that may stand as a threat. Treat your computer security as you would when asking someone to watch your handbag or briefcase.

While this may seem over the top, it is essential in order to ensure the safety of your computer network. If you come across a USB that is not yours, and you don’t know whose it is, you should not use it. Remember, just because a device appears not to have anything wrong with it doesn’t mean that it doesn’t; you should automatically consider it dangerous.

Unfortunately, as there are currently no ways of destroying such software and programming on these USB devices, there is no way to completely eliminate a risk to any businesses. The only thing you can do is increase awareness in the workplace and reinforce the importance of prudence.

[Photo Credit: Kai-Erik]

Recent Stories

What Do Refurbished Technology Grades Mean?

What Do Refurbished Technology Grades Mean?

As enterprises strive to balance their sustainability targets and a limited financial budget with the technology requirements of the business, an increasing number of CIOs are taking a circular approach to IT procurement. Our ‘take, make, dispose’ culture has had a...

7 Questions to Ask Your ITAD Supplier.

7 Questions to Ask Your ITAD Supplier.

The growth of the cloud, the emergence of hybrid working and remote collaboration along with the soaring quantities of data-rich Internet of Things devices means that IT asset disposition no longer solely concerns the disposal of end of life IT assets. Today’s ITAD...

Are Unintentional Cyber-attackers Risking your Data Security?

Are Unintentional Cyber-attackers Risking your Data Security?

As we learnt during the last couple of years, for the cyber-criminals, a crisis merely presents an opportunity. In 2020, malware attacks rose by 358% and in the first quarter of 2022, Russia experienced nearly 3.6 million data breaches, an 11% increase*. Cyber-attacks...