Ransomware is software that installs and activates itself on a computer. Once it’s in, it encrypts your files and displays a message. This message informs you that your data is hostage and gives instructions for paying a ransom.”A common and subtle attack method is the USB drop. A USB drop attack is just what it sounds like: an attacker places malware on a USB storage device (sometimes called a thumb drive) and then “drops” the USB device in a visible location. When an unsuspecting individual comes upon the USB device, the temptation is too great, and the individual will often pick up the device and then insert it into a computer to “see what’s on it.”

Detecting USB Drop Attacks

If the malware is not self-activating (using the auto-run feature of some operating systems) so that it installs automatically, a tempting file may be in the root of the device (visible immediately upon opening). The individual opens the file and the rest is history.

Understanding USB Malware Types

What kind of malware could be installed with a USB drop attack? At least three kinds: viruses, backdoors, and ransomware. Of course, there are more, but these are the most common.

  • Virus

A virus may reside on your computer for hours, days, weeks, months, or longer, before activating. It can be there without your knowledge, ever infecting more files on the machine. Then, one day, it takes action(s) ranging from completely disabling your computer and corrupting files to performing something simple like displaying a prank message. In most cases, running quality, up-to-date antivirus software will prevent such infections. When you insert the USB device into the computer, the antivirus software may detect and warn you about the virus. Of course, this is not certain as viruses are appearing regularly and the antivirus software may not know the identity of the specific virus on the USB device.

  • Backdoor

Attackers install a “backdoor” program on your computer, granting them remote or local access, especially if they are physically present in the facility. The attacker can then access the machine and data that may reside on it. This can result in a serious data loss. While some anti-malware software can detect certain backdoor programs, a wily attacker can easily code their own, evading recognition by protection software.

  • Ransomware

Ransomware is software that installs and activates itself on a computer. Once it’s in, it encrypts your files and displays a message. This message informs you that your data is a hostage and gives instructions for ransom payments. However, before you even consider paying, here are three things to remember:

  • Research shows that most attackers won’t give you the decryption key even if you pay.
  • Many ransomware messages are outdated or come from pranksters. They provide fake contact information because they don’t intend to decrypt anything.
  • Forget about paying a ransom. Focus on prevention instead!

Back up your data daily (continually for the most valuable data), and do not allow yourself to be in a situation where paying a ransom is the only option.

Best Practices for USB Security

However, regardless of the help provided by antivirus and anti-malware software, as well as regular backups, there is a better solution in this particular case. It’s really quite simple. Never insert a USB device into your computer if you do not know, with absolute certainty, that it comes from a trusted source. Even if a friend offers to loan you a USB storage device, always ask where the device came from and only insert it into a computer after you have discovered that it comes from a trusted source. Ultimately, the best practice is to not share USB devices back-and-forth. In the 1990s, we had an outbreak of Word and Excel macro viruses/worms. Users mostly spread them through exchanging floppy disks and internal email attachments. The USB storage device is the modern floppy disk and we should be very cautious when using others’ devices. It is best to simply use your own and avoid inserting them into unknown computers as well.

Remember this advice, and it will enhance your protection against USB drop attacks and other malware attempting to infiltrate your computer through the USB ports.

Protect your business from potential cybersecurity threats with the essential CyberSecurity certification for business professionals.

 

Share This Story, Choose Your Platform!

Recent Post