Flash drives are a convenient way to store and transport data. Whether your employees use them to share files among teams or archive older data, you probably have USB sticks floating all over your organization.
However, the ubiquity of these drives can lead to serious threats. Recently, a new type of malware was found to spread through infected flash drives, even when the computer was locked. This insidious attack can steal a user’s website credentials, or even allow them to get a foothold into your corporate network and potentially steal data.
There are two big lessons we can take from these new attacks: don’t ever plug in a flash drive that you are unsure about, and restrict physical access to your machines as much as possible.
Be Cautious of Flash Drives
It’s common for malicious folk to set up commands that run on a thumb drive as soon as it’s plugged into a computer. If someone picks up a random flash drive and decides to put it in their machine out of curiosity, they could just have introduced an infection to your network.
Thus, it’s important that everyone in your organization understand the dangers of using USB drives. Perhaps you could standardize your flash drive usage to a single manufacturer, so you can easily spot rogue drives. We also recommend that you label safe drives with a company sticker. When all good drives are identifiable, people will know to report any suspicious devices.
To go further, you can be even safer and eliminate flash drives altogether. A cloud storage solution like Dropbox would be a great fit for this. Without flash drives as part of your environment, everyone will be suspicious of those they find.
Watch Your Machines Closely
Aside from flash drive safety, it’s also important to watch who has physical access to your computer. Just a few moments alone with a computer gives an attacker enough time to install something malicious and walk away silently.
If you’re not already instructing your users to lock their computers with Windows Key + L when they get up from their desks, it’s important they do so to prevent unauthorized access. However, this isn’t enough on its own. You should avoid having computers where nobody can see them, and recommend that everyone take their computers with them when leaving their desks if possible.
The final layer of defense against this practice is a strong antirivus. Good antivirus programs are able to neutralize these kind of threats before they spread. Hopefully it doesn’t come down to that, but a cut-rate tool might not identify these attacks.
Physical Safety Prevents Flash Drive Viruses
We think of computer security as mostly digital protection, but there’s a physical aspect, too. If an attacker is able to reach your equipment, he can cause a lot of problems. By protecting your machines, you’re taking a huge step to securing your infrastructure and data.
Are you at risk to physical computer attacks? We can help. Contact us today and let’s talk about how to better secure your equipment.