If you find a pen drive in the Car Park or elsewhere, What are you likely to do? …particularly If you find it with your company sticker?
In a recent survey, in the University of Illinois, 48% of the respondents said that they would not only pick it up, but connect it to the computer to find out to whom it belongs or what it contains. The first drive used in the survey was tried within 6 minutes when a malware in the drive generated a signal to the researchers. A majority (68%) of the persons who picked up the drive took no precautions with the drives. 16% scanned the drive for anti-virus. It is interesting to note that 8% decided to try it on the office computer and not on their personal computer so that the risk could be offloaded into the office computer. Another 8% trusted their system and tried it despite knowing the risk.
In another experiment conducted by CompTIC in four US cities Chicago, Cleveland, San Fransisco ad Washington DC. 20% of the drives were picked up and plugged in the drives to their computers and opened various files, clicking unfamiliar weblinks etc..all considered risky from the point of view of malware infection possibilities.
It is clear that therefore a “Dropped USB Drive” is a good system for hackers to get into the otherwise secured corporate systems. When malwares such as “Stuxnet” can be configured to target specific companies, specific devices, run in stealth, defeat the anti-virus systems etc, it is therefore no surprise that we are at a risk that needs to be contained with proper education of our employees.
Today, if we find an unattended bag in an airport lounge or a box even in a public place, we donot touch them. We call the Police and the Bomb Disposal squad since we know the risk. Similarly,if some stranger asks us to carry a gift packet during travel or offerf biscuits while travelling in a train, we shun them because we know the risks.
Similarly we need to learn that if we find a Pen Drive either on the street or more so in the Company vicinity, there is every possibility that a stuxnet type malware which could be also a ransomware be hiding inside and may get into any system in stealth the moment it is connected. Only an expert who runs it in a sandboxed environment can try to find out what it contains.
Let’s therefore inform all our employees today about this “Dropped Pen Drive Attack”