EOL IT Services has now merged with tier1 Asset Management Ltd

Is that USB Flash Drive a Security Risk?

by | Nov 10, 2014 | IT Security

USB Flash Drives are so useful and so commonly used by most of us today that it would be difficult to imagine a world of computers without them. However, in spite of their benefits, there is a possibility that they also pose a security threat by result of a programmable chip inside them. This chip has been found in many different types of USB devices and can allow 3rd parties access into your computer systems.

Read this guide to learn what is does and how you can minimise the risks for your business.

What does it do?

Researchers have developed a piece of software to demonstrate what this programmable chip inside the USB Flash Drives are capable of.  The Flash Drives can be used to completely take over any PC into whose USB port they are inserted, allowing them access to all data on that PC. It has the ability to send codes both to the computer from the USB and from the USB to the PC. Tracking web history, downloading and uploading files and even adding malicious and infected software into installations on the PC.

In fact, it’s so complex that it is able to control keyboards, thus is able to type commands. This means that a seemingly harmless, USB Flash Drive would be able to carry out any task that any computer user could.

The worse news is that nothing can really be done to prevent these malicious attacks. Of course, you can scan and delete files on these flash drives, but it is nigh on impossible to even come close to destroying these types of files. This is because, instead of the files being stored in a folder on the device, they are actually installed in the firmware of the device itself, effectively reprogramming it.

How can you minimise the risk to your business?

In order to reduce the risk that your business will fall victim to this problem, you and everyone within your business must change their behaviour with regards to using USB Flash Drives.

It is vital that you only use USB devices from trusted sources. Never, for any reason, borrow one from someone outside the business that may stand as a threat. Treat your computer security as you would when asking someone to watch your handbag or briefcase.

While this may seem over the top, it is essential in order to ensure the safety of your computer network. If you come across a USB that is not yours, and you don’t know whose it is, you should not use it. Remember, just because a device appears not to have anything wrong with it doesn’t mean that it doesn’t; you should automatically consider it dangerous.

Unfortunately, as there are currently no ways of destroying such software and programming on these USB devices, there is no way to completely eliminate a risk to any businesses. The only thing you can do is increase awareness in the workplace and reinforce the importance of prudence.

[Photo Credit: Kai-Erik]

Recent Stories

How UK businesses can reduce carbon emissions by 1.2 BILLION kg

How UK businesses can reduce carbon emissions by 1.2 BILLION kg

At Tier1, we're passionate about driving the circular economy and helping businesses make sustainable choices. That's why we're urging UK businesses to consider the significant environmental impact of buying refurbished IT equipment. The Power of One Data shows that...

tier1 at ADISA Conference 2024: Exploring Social Value from ITAD

tier1 at ADISA Conference 2024: Exploring Social Value from ITAD

This year's ADISA Conference promises to be a valuable event for the IT Asset Disposal (ITAD) industry, with a focus on key themes such as sustainability, security, and the circular economy. We're delighted that our Partner Account Director, Bev Benham, will be...

Categories