EOL IT Services has now merged with tier1 Asset Management Ltd

Is that USB Flash Drive a Security Risk?

by | Nov 10, 2014 | IT Security

USB Flash Drives are so useful and so commonly used by most of us today that it would be difficult to imagine a world of computers without them. However, in spite of their benefits, there is a possibility that they also pose a security threat by result of a programmable chip inside them. This chip has been found in many different types of USB devices and can allow 3rd parties access into your computer systems.

Read this guide to learn what is does and how you can minimise the risks for your business.

What does it do?

Researchers have developed a piece of software to demonstrate what this programmable chip inside the USB Flash Drives are capable of.  The Flash Drives can be used to completely take over any PC into whose USB port they are inserted, allowing them access to all data on that PC. It has the ability to send codes both to the computer from the USB and from the USB to the PC. Tracking web history, downloading and uploading files and even adding malicious and infected software into installations on the PC.

In fact, it’s so complex that it is able to control keyboards, thus is able to type commands. This means that a seemingly harmless, USB Flash Drive would be able to carry out any task that any computer user could.

The worse news is that nothing can really be done to prevent these malicious attacks. Of course, you can scan and delete files on these flash drives, but it is nigh on impossible to even come close to destroying these types of files. This is because, instead of the files being stored in a folder on the device, they are actually installed in the firmware of the device itself, effectively reprogramming it.

How can you minimise the risk to your business?

In order to reduce the risk that your business will fall victim to this problem, you and everyone within your business must change their behaviour with regards to using USB Flash Drives.

It is vital that you only use USB devices from trusted sources. Never, for any reason, borrow one from someone outside the business that may stand as a threat. Treat your computer security as you would when asking someone to watch your handbag or briefcase.

While this may seem over the top, it is essential in order to ensure the safety of your computer network. If you come across a USB that is not yours, and you don’t know whose it is, you should not use it. Remember, just because a device appears not to have anything wrong with it doesn’t mean that it doesn’t; you should automatically consider it dangerous.

Unfortunately, as there are currently no ways of destroying such software and programming on these USB devices, there is no way to completely eliminate a risk to any businesses. The only thing you can do is increase awareness in the workplace and reinforce the importance of prudence.

[Photo Credit: Kai-Erik]

Recent Stories

The Hidden Environmental Impact of Our Smartphones.

The Hidden Environmental Impact of Our Smartphones.

Checking emails, social media or the news; banking, making payments, taking photographs, finding our way; it is fair to say that we would be lost without our smartphones, perhaps literally. Oh, let’s not forget, our now indispensable devices also make calls. Essential...

Delivering Social Value Through Our Business Operations

Delivering Social Value Through Our Business Operations

We have become increasingly aware of economic, social and environmental issues. Our renewed sense of community, which naturally came into focus during Government lockdowns, furthered the opportunity for ethical businesses to drive social impact, rather than simply be...

Navigating the Subjectivity of Refurbished IT Devices

Navigating the Subjectivity of Refurbished IT Devices

Reconditioned, renewed, pre-owned… as there are no hard and fast definitions of what the phrase ‘refurbished technology’ means, purchasing restored devices can feel a little like navigating a minefield. This confusion, poor experiences or deep-rooted misconceptions...

Categories