Ever since removable devices became highly popular within the computer users’ community, cyber criminals have implemented this highly useful implementation for malignant intentions. Malware spread via removables reached the peak in 2008, when, according to elsevier.nl, 25% of worms were infiltrated into operating systems via USB drives. Despite the fact that this was recorded four years ago, industry specialists are warning the public to be highly careful when using removable devices, as malware counts are getting higher, and schemers are starting to remember their old tricks.
Security firms and departments were always fully aware of this high-risk security loophole, and US Homeland Security even performed tests to find out how easy it is to trick computer users. During an experiment, a great number of USB flash drives and CDs were purposefully spread across parking lots, in the hopes of target people picking these up and using. The experiment was conducted around government buildings, so the “targets” were corporate, governmental officers, who work with computers and have access to private, social data. Bloomberg.com reported that over 60% of “dropped” removable devices were picked up, out of which nearly all (90%) were hooked into work computers. This 2011 experiment showed that schemers are back to their old tricks, and personal data could be stolen from people, even if it is not heir own computers that are getting infected.
Whether this is a coincidence or an idea put into practice, cyber crooks have recently used the same attack method, as infected USB flash drives were dropped at the parking lot of DSM. According to limburger.nl, malware stored in the flash drives was meant to steal passwords and usernames; however, this cunning plan was not fulfilled, as the scam was soon caught, without any major damage to the privacy done.
Corporate companies and government agencies are not the only target, and computer users need to take measures to protect their personal systems from malware, which could be spread via infected removable devices. Below are some tips which can prevent cyber criminals from accessing your computer through infected USB drives.
- Select the RUN engine from the Start Menu and enter gpedit.msc.
- Choose Computer Configuration and then Administrative Templates.
- Locate and hit System tab.
- To disable Autorun simply choose to Turn off Autoplay.
- To apply these configurations select Enable and then continue with selecting All Drives.
Configure the usability of USB ports
- Type “regedit” in the RUN engine.
- Locate HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\UsbStor
- Select Start and change value number 3 to number 4 (extra care is recquired).
Disable USB ports
- Go to the Start Menu and locate the My Computer icon.
- Right-click and select to Manage.
- On the left hand side you will be able to find Device Manager.
- Now expand Universal Serial Bus Controllers selection and Disable USB ports by right-clicking on the USB Root Hub.