in Articles minutes

Week in review: USB drives and toothbrushes

Ransomware is a significant threat companies and consumers. No surprise, then, that U.S. lawmakers are calling hearings on the increasing number of attacks. I hadn’t heard about the incident that disrupted the school district in Horry County, S.C. until their director of information technology testified at the U.S. Senate Judiciary Committee’s Subcommittee on Crime and Terrorism, but the details are interesting.

An older threat highlighted by an academic study: the propensity of people for plugging untrusted USB flash drives into their computers. A research paper by the University of Illinois Urbana-Champaign, University of Michigan and Google found that almost half of people (at least) would put an untrusted USB flash drive into their computer. Yet, the lesson – don’t put a USB drive in your computer that you find on the ground – applies equally to one that is given to you. For many professionals, the USB drive with conference proceedings is a good bit of swag. Don’t do it. Or as Verizon’s Chris Novak says:

“Think of USB sticks like toothbrushes and then you will not be so quick to pick it up and share it.”

Finally, the most significant cybercrime attack in recent memory – the theft of $81 million from the central bank of Bagladesh through its SWIFT Alliance network – highlights that specialized knowledge is no defense against cybercriminals. They will learn, or suborn an insider to help, to find their way around a network, if the payoff is enough in the end.

  • “Ransomware Threat Continues to Grow as Lawmakers Take Interest,” eWEEK
  • “How to keep USB thumb drive malware away from your PC,” PCWorld
  • “SWIFT Hack Shows Attackers Penetrating Bank Defenses,” eWEEK

Week in Review is where I highlight articles that I’ve written and that have been published in the last week.