Tuesday 1 April 2008, 9:06 PM
Memory Stick Lockdown Is Imminent
Computers are liberating, but they can also extremely dangerous for a company in the wrong hands. And quite often the wrong hands belong to one of its employees. Give an employee an inch and they take a mile! Next they'll be asking for Net access ...
Statistics in today from ESET, the bestest anti-malware company on the planet, mentioned that INF/Autorun, a generic identification for malware that tries to use the file autorun.inf as a way of compromising a PC, retained its number one spot and increased its share of detected malware during last month (March).
This is interesting (no, really) because it shows that some 10% of malware detections last month were identified as files containing information on programs to be run automatically when removable media, typically a USB memory stick, was inserted into a computer. Put short, this is bad. Put a little longer, this is really bad.
Portable storage media started to become a noticeable threat last summer, since then it has gathered pace and continues to grow as a popular infection vector with malware writers. It’s easy to see why - it has been drummed into us for so long now that e-mail is the main source of infection that we have forgotten the threats from yesteryear when media such as floppy disks were the main concern. Consequently, basic desktop protection is now often overlooked, particularly by home users but also by corporates.
Putting an untested stick into your hole can have serious repercussions. For instance, there are instances where a program has taken over a system to such an extent, displaying so many unwanted advertising windows, that the PC becomes all but unusable - and Vista had nothing do with it! The problem is exacerbated by the fact that if the malware is not fully removed, it can try to replace registry keys and malicious DLLS, which is bad. There are generic tools available that can help, but you need some knowledge to use safely.
In the mean time, you might just want to sellotape up all those USB ports.
Comments on this post
Hi, Christian!
Thanks for your article.
I can fully agree with all this statements. Usb memory sticks can constitute a biggest security threat.
We had some security incidents with stealing of sensitive project data with usb storage sticks. Initially for blocking usb devices we started to use special adm templates with group policy but finally we got of this method.
We switched to desktop authority http://www.scriptlogic.com/products/desktopauthority as a desktop management solution.
It's usb and ports security feature was sweet! We were able to block or limit the access to the unwanted usb devices in the most granular way.
