They took infected USB thumb drives with corporate logos on them and basically threw them around company parking lots. A staggering number of people, upwards of 70%, plugged those infected thumb drives into their corporate machines. Unbeknownst to them, a malicious program was transferred onto their corporate network. That program then sent information back to the researchers. It gets much worse: when they left a CD-ROM with a handwritten title of "Quarterly Financials and Salaries" in the parking lot, a mind-boggling 100% infection resulted. I need to say that again: 100% infection.
The researchers conclude that Stuxnet was delivered into the Iranian nuclear enrichment facility via infected thumb drive or CD-ROM. For those of you not too familiar with Stuxnet, I suggest you check out the Nova show. In a nutshell, though, Stuxnet is a very complex program that seeks out specific machine controllers used to operate the motors in uranium enrichment centrifuges. Stuxnet basically blew up those centrifuges, which set back the Iranian nuclear program a few months.
What’s incredible here is that Stuxnet is hands down the most advanced malware yet produced, as far as we know anyway. And it wasn’t delivered via email spearphishing, or infected websites, or any other network-based attack vector. It came in right off the street, carried in by an authorized user and put into service with a simple thumb push. How’s that for all the money spent on perimeter defense?
Think about this: a person, group, or government entity could engineer an attack on our critical infrastructure – think power grid, oil refineries, and the like – and cripple us to a degree that could completely destabilize our way of life. What would it be like to lose power for 2 months? What would happen to our society? Stuxnet is a weapon. Perhaps the most dangerous weapon ever developed; because it achieves its goal without taking a single life it seems to me that it’s far more likely to be used.
Pandora’s Box is now open and it means the endpoint is the new perimeter.