Removable Media Security Alert



Did you see the Nova special Rise of the Hackers? I was stunned by an experiment they conducted:

They took infected USB thumb drives with corporate logos on them and basically threw them around company parking lots. A staggering number of people, upwards of 70%, plugged those infected thumb drives into their corporate machines. Unbeknownst to them a malicious program transferred onto their corporate network. That program then sent information back to the researchers. This gets much worse, when they left a CDROM with a handwritten title of Quarterly Financials and Salaries in the parking lot a mind boggling 100% infection resulted. I need to say that again: 100% infection.

The researchers conclude that Stuxnet was delivered into the Iranian nuclear enrichment facility via infected thumb drive or CDROM. For those of you not too familiar with Stuxnet I suggest you check out the Nova show. In a nutshell though, Stuxnet is a very complex program that seeks out specific machine controllers used to operate the motors in uranium enrichment centrifuges. Stuxnet basically blew up those centrifuges which set back the Iranian nuclear program a few months.

What’s incredible here is that hands down Stuxnet is the most advanced malware yet to be produced, as far as we know anyway. And it wasn’t delivered via email spearphishing, or infected websites, or any other network-based attack vector. It came in right off the street, carried in by an authorized user and put into service with a simple thumb push. How’s that for all the money spent on perimeter defense?

Think about this: a person, group, or government entity could engineer an attack on our critical infrastructure – think power grid, oil refineries, and the like – and cripple us to a degree that could completely destabilize our way of life. What would it be like to lose power for 2 months? What would happen to our society? Stuxnet is a weapon. Perhaps the most dangerous weapon ever developed; because it achieves its goal without taking a single life it seems to me that it’s far more likely to be used.

Pandora’s Box is now open and it means the endpoint is the new perimeter.
 

More from the Digital Guardian Data Security Knowledge Base:

 

Rob Priore

Please post your comments here

Data-Centric Security: Why You Need it, How to Get Started

Forrester VP and Principal Analyst John Kindervag explains the fundamentals of a data-centric security approach, why you need it, and how to get started. Watch the webinar on demand.

Watch Now

Related Articles
At RSA, Govt. Says Attribution Key to Cyber Strategy

Despite the difficulty of attributing cyber attacks, government officials stood by attribution as a key tool in responding to cyber incidents.

Detecting and Mitigating USB Propagating Malware (Screenshot Demo)

Put those hot glue guns away – here’s how to detect and mitigate USB propagating malware.

Managing Cyber Risks in an Interconnected World

PwC Cyber Expert Looks at the Key Findings of the 2015 Global State of Information Security Survey