“Found” USB Drive Danger

My friend John reminded me of a security warning I’d seen last fall but had forgotten about. Hackers leave a few USB drives laying around, often in parking lots of large companies. Employees walking into the building find the USB drives and think, “cool, a free USB drive.”

Guess what really happens? The clueless user plugs the USB drive into his or her computer, a virus runs automatically upon connection, and that user now has a keylogger Trojan running. If the hackers are clever, and they usually are, the user will never see any warning messages from their computer.

After talking to the Mystery Writers a week ago, all I could think of when reminded about this was what a great plot device it is. It only takes one clueless user to fall for the trick, and the hacker gets access to the company network without stepping foot inside the building or hacking from outside.

USB drives are cheap. Getting a free security hole opened for business espionage is priceless. Warn your users to treat “free” USB drives the same way they treat attachments in spam: delete without opening.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: