The Easiest Way to Get Malware into Your Organization
Why bother with fancy web-based vectors like phishing emails? If you’re looking to infect your network with malware, just keep plugging in USB drives.
True story: infrastructure and security giant IBM recently warned customers that it had shipped them software updates on malware-infected USB drives.
If there’s a single story in the recent past that illustrates the dangers of removable media (USB drives, CDs, DVDs, portable hard disks, etc.) – this is it. Here we have the ultimate in trusted sources – a multinational software vendor – unknowingly disseminating malware to its customers via removable media.
Still not convinced? Last year, it was the American Dental Association that sent out a USB drive containing dental procedure codes, which turned out to be infected with malware. Other examples are not hard to find.
The dangers of removable media in general and USB drives in particular are far from new. Endpoint malware protection has long been a tenet of network security. Yet as attention has shifted to online threat vectors, some organizations have let their removable media policies and procedures fall behind. The result – a glaring hole in many enterprise security regimes.
Luckily, it is a glaring hole that is easily and painlessly remedied.
The Basics of Removable Media Security
Obviously, you need to let files into your organization to enable business to function. The trick is to do so in a way that maximizes security without impacting productivity.
USB drives and other removable media still play an important role in the information flow within and between organizations. They hold large volumes of data and are easily portable. Sales reps still come back from trade shows carrying important marketing material on DVDs. Software vendors still send updates – most without malware – on USB. And employees still frequently move files to and from their home offices on this convenient medium.
The problem is that USB drives, by way of example, can also contain malware which self-activates when the drive is plugged in. There’s no need for the user to click on anything – they only have to plug the drive into a port. In cybersecurity there’s no such thing as partially effective measures – either a solution works or it doesn’t. And there’s no 100% safe way to ensure that the Autorun feature on USB drives is disabled.
Cyberattackers have learned to take advantage of the fact that employees insert files into corporate networks through physical devices. That’s why the first step most security-conscious organizations take is to disable all USB ports and CD/DVD drives on all network-connected devices.
This may sound extreme – but if it’s done concurrently with the implementation of a viable and secure solution to ensure the free flow of files and information, productivity need not be impacted at all.
How does this work? The ODIX Kiosk, for example, is a freestanding Linux-based hardened workstation dedicated to inserting files from removable media. Kiosks are placed at central locations throughout the office space, and users go to them to plug in any removable media – instead of attaching it to their own devices. In just seconds, incoming files are sanitized and forwarded to the user via email.
This solution is a highly secured data exchange station designed to meet both security and productivity requirements.
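A read-only audit of the endpoint lockdown step described above, added here as an example (it is not ODIX's code or part of the original article). It assumes Windows endpoints and reads the standard registry locations for the USB mass-storage driver, the CD/DVD driver and the AutoRun policy; it covers storage drivers and AutoRun only, not the physical ports themselves.

```powershell
# Added example: checks whether removable-media controls are configured.
# Assumption: Windows endpoint, standard registry locations. Nothing is modified.
$checks = @(
    @{ Name  = 'USB mass-storage driver disabled'
       Path  = 'HKLM:\SYSTEM\CurrentControlSet\Services\USBSTOR'
       Value = 'Start'; Expected = 4 },      # 4 = service disabled
    @{ Name  = 'CD/DVD driver disabled'
       Path  = 'HKLM:\SYSTEM\CurrentControlSet\Services\cdrom'
       Value = 'Start'; Expected = 4 },
    @{ Name  = 'AutoRun off for all drive types'
       Path  = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer'
       Value = 'NoDriveTypeAutoRun'; Expected = 255 }   # 0xFF = every drive type
)

function Test-RemovableMediaPolicy {
    param([array]$Checks)
    foreach ($c in $Checks) {
        # A missing key or value means the control was never configured,
        # which is reported as non-compliant rather than skipped.
        $actual = $null
        $item = Get-ItemProperty -Path $c.Path -Name $c.Value -ErrorAction SilentlyContinue
        if ($null -ne $item) { $actual = $item.($c.Value) }

        [pscustomobject]@{
            Control   = $c.Name
            Expected  = $c.Expected
            Actual    = if ($null -eq $actual) { 'not set' } else { $actual }
            Compliant = ($actual -eq $c.Expected)
        }
    }
}

$report = Test-RemovableMediaPolicy -Checks $checks
$report | Format-Table -AutoSize

# List only the gaps so they can be fed into a ticket or a management agent.
$gaps = @($report | Where-Object { -not $_.Compliant })
"{0} of {1} controls not in place on {2}" -f $gaps.Count, $report.Count, $env:COMPUTERNAME
```

A disabled storage driver does not stop a USB device that presents itself as a keyboard or network adapter, so this audit is a baseline check rather than proof that the ports are closed.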
The Bottom Line
The first step to solving any problem is awareness of the problem itself. Once we recognize that removable media still pose significant danger to security, we can address the challenge of finding an efficient and cost-effective solution. Since none of us is actually looking for a way to introduce malware into our networks – we need to choose the policies and the technology that can make sure we don’t.