1(630)802-8605 Ravi.das@bn-inc.net

Here is a question that I would like to pose to everybody out there:  How many of you still use USB devices as a means to store and transfer your files?  I bet that there probably is a large chunk of you out there who still use them, as I do.  I don’t use mine very often, only for creating a secondary backup of my really important writing files, such as when I write a book.

I primarily store everything in the Cloud, but use the USB device as my secondary, On Premises backup.  Believe it or not, the USB Flash Drive has been in existence for the last 20 years, and it has allowed users from all over the world to transfer files without the need of having to use the Internet.

But given the fact that there are now so many Cloud backup solutions, it is no wonder that the USB is now fading from the limelight.

Because of this, they have now become a much-favored target for the Cyber attacker.  The primary example of this is the infamous Stuxnet worm, which made use of various USB devices in order to spread malware to an Iranian nuclear facility’s IT Network Infrastructure.

In fact, according to a survey by Kaspersky Labs, 1 out of every 4 Cyber-attacks actually involves the use of a USB device in some manner or another.  The main culprit is the removable device, such as the USB Drive. The Cyber security researchers have also discovered yet another alarming trend:

Ever since 2015, the Cyber attacker has been using USB Devices in order to launch what are called “Crypto miners”, and this trend has greatly escalated since 2018.  They have even stated that 1 out of every 10 individuals or businesses has been impacted by this, especially by the “Trojan.Win64.Miner.all” Cryptominer.

So, what exactly is a Cryptominer?  It can be defined as follows:

“It refers to software programs and malware components developed to take over a computer’s resources and use them for cryptocurrency mining without a user’s explicit permission.”

(SOURCE:  https://www.webopedia.com/TERM/C/cryptomining-malware.html)

Cryptomining is a rather complex topic, which I will write about in a future blog.  But as I have written about before, and as all of my podcast guests have said, the Cyber attacker is now getting away from hacking into IT Infrastructures and is now going after Critical Infrastructure.

The latter can include just about everything ranging from our electric power grid to our water supply all the way to our public utilities and public transportation systems.  They may not cause so much direct physical damage per se, but the chaos and mayhem that this could create could result in huge financial losses and severe downtime for a major US City, such as Chicago, NYC, Los Angeles, etc.

The Cyber attacker is now also using USB devices to hack into those computer systems that are supposedly not connected to the Internet by any means.  Such kinds of infrastructures are termed “air-gapped”, because in theory, they do not connect to anything else in the outside world.

But to be perfectly honest, if they were truly “air-gapped”, then they would not be prone to a Cyber-attack.  So, in reality, these computer systems do have some connection to the outside world.  A well-known hack into a so-called “air-gapped” system was known as the “ProjectSauron toolkit”, which was launched in 2016.  The deployment vehicle in this Cyber-attack was used to transfer information/data from air-gapped systems to Internet-connected systems.

So now the question is:  if USB Devices are now a favored target for the Cyber attacker, and they are still being used, how do you at least mitigate the risk of being hacked into?  There are a number of steps you can take, which include the following:

*Only use those USB Devices that offer some level of encryption;

*Make sure that all of your information and data that resides in it is encrypted also;

*Make sure that your USB device stays within the confines of your home, or if you have to travel, make sure that you do not lose sight of it;

*Never let anybody else use your USB Device (unless you implicitly trust them);

*By the same token, never insert your USB Device into an unknown network or other device;

*USB Flash Drives are also a popular marketing tool that can be used by any company to market their brand. If you get one from an organization that you have never heard of before, then simply destroy that USB Flash Drive, as you never know what it could contain;

*Also, if you visit a tradeshow, never pick up any USB Devices that are given out as promotional material . . . once again, you never know what kinds of files they contain.

Your best course of defense is always an offense in these cases, and just using good ol’ common sense.

Finally, the survey I talked about before from Kaspersky can be seen below at this link:

https://securelist.com/usb-threats-froms-malware-to-miners/87989/