Unknown USBs risky, experts say

When journalists arrived in Singapore for the summit between President Donald Trump and North Korean leader Kim Jong Un last month, security experts were alarmed by what awaited those who were covering it. Inside a welcome bag that included bottled water and a guide to the area was a miniature fan that connects to a computer's USB port.

The discovery prompted a security researcher to disassemble the fan to inspect the USB. He found no malicious software functionality inside.

Security experts say people should never use USB devices without knowing where they come from. Hackers and spies can use them as Trojan horses -- devices loaded with malware designed to take control of a target's computer.

Experts say USBs are a common way for hackers to gather information or infect devices. In 2008, Russian agents planted virus-carrying USB sticks in retail kiosks around NATO headquarters in Kabul, Afghanistan, to gain access to a classified Pentagon network, according to the New Yorker.

In 2011, the Department of Homeland Security planted USBs and CDs in government parking lots to test the security practices (and susceptibility) of employees and contractors. Sixty percent of people who picked up the items plugged them into work computers, and if the disks or USBs had an official logo, printed on them the rate shot up to 90 percent. In another experiment conducted at the University of Illinois Urbana-Champaign in 2016, researchers dropped nearly 300 USB sticks on campus and found that nearly half the time someone would pick them up and plug them into their computer.

Sergei Skorobogatov, a hardware security researcher at the University of Cambridge, said people shouldn't let their guard down when it comes to unkown USBs.

Business on 07/04/2018

Upcoming Events