More than ever it is important to be wary of infection not only from the internet but from portable devices. Security company PandaLabs, the research section of Panda Security, claims that 1 in 4 worms spread through USB flash drives and other portable storage devices as reported by Computerworld. That includes cell phones, music players, and cameras; anything with internal storage or memory cards that can be connected to the computer.
These devices make a good vector of infection because malware can easily copy itself to the device; while in the device the worm hides so the owner of the device never knows it’s there. Once plugged into a computer USB devices often auto-run and malware can transfer over nearly invisibly, infecting the computer.
While a quarter of all 2010’s worms rely on USB devices to spread to other PCs, a recent Panda survey of more than 10,000 small- and medium-sized firms found that 27% of those victimized by a malware infection in the last year reported that the attack had originated with infected USB hardware, primarily flash drives.
The nasty Stuxnet worm that plagued industrial companies earlier this summer by exploiting the now-patched shortcut bug stemmed from a USB flash drive harboring malware. It targeted software that managed large-scale industrial control systems. Stuxnet loaded itself onto a PC whenever users viewed the contents of the drive with Windows Explorer or a similar program. Another famous worm that used the USB vector to spread is the Conflicker worm of two years ago.
Controlling and preventing attacks off USB devices is difficult because it would involve having to control everything plugged into the computer. Even the US military is having these sort of problems as seen in the recent news about a 2008 infection that compromised a sensitive military command network.
Earlier this week, U.S Deputy Defense Secretary William Lynn revealed that the U.S. Central Command’s (CENTCOM) network was compromised after an infected USB drive was plugged into one of the network’s PCs. CENTCOM is the military’s joint regional command responsible for the Middle East, including Iraq and Afghanistan.
The best measures to take to secure PCs is to control auto-run and virus-scan USB devices, especially after they have been on an outside network. By default Windows doesn’t auto-run on its own and asks the user what to do. After Conflicker, Microsoft updated Windows to fix a bug that prevented users from disabling auto-run. Windows 7 inherently performs auto-run a bit differently to prevent these sort of attacks. In addition, Panda is offering a free tool that completely disables auto-run called Panda USB Vaccine.
Join 16,500
View the Original article
No comments:
Post a Comment