You’ve trained users to be careful about clicking suspicious URLs and downloading e-mail attachments from unknown senders. But those aren’t the only ways malware can get on to your network.
In 2008, the computer networks at the U.S. Department of Defense were compromised, allowing data to be stolen by foreign operatives.
The breach has recently been declassified, and officials have announced its cause: an infected USB drive.
A USB thumb drive containing malicious code was plugged into a laptop at a U.S. base, Deputy Secretary of Defense William Lynn said in a recent Foreign Affairs article.
The malware was placed on the drive by a foreign intelligence agency and enabled data to be transferred to servers owned by the foreign government. Lynn did not say what government was involved or what data might have been stolen, but he did refer to the incident as the “most significant breach of U.S. military computers ever.”
The breach led to a ban on portable USB devices on military computers.
USB drives have become a popular way for hackers to spread malware. In a recent report, security firm PandaLabs revealed that 25% of new worms it has discovered are specifically designed to spread via infected USB devices.
And of the firms that were hit with malware attacks in the past year, 27% said the source was an infected USB drive that was plugged into a computer on their network.
Often, a drive is infected when it’s plugged into an employee’s home computer, and the worm spreads to the company network when the drive is connected to a work PC.
To keep malware from USB drives off of your network, experts recommend:
- disabling USB ports for users who don’t need them
- disabling auto-play for USB drives
- requiring drives and other devices to be approved by IT before they’re used, and
- training users not to use drives if they don’t know where they came from, and not to open unknown files contained on drives.
For further instructions on how to protect your network from such threats, read this article from ComputerWorld.