Hey Lookit! Someone lost a thumbdrive!
Free memory sticks!
“At corporations, 70 percent of attacks involve social engineering,” says Adriel Desautels, chief technology officer at Netragard LLC, a Mendham, N.J., cyber security firm. These attacks can be as simple as dropping infected USB memory sticks near the front door, or building friendships with employees using Facebook or similar accounts. Once relationships are established, it’s fairly simple to trick employees into downloading viruses, he explains.
The article linked above, “Socializing Plays a Role In Network Security”, points out something that all too many times is an ignored or forgotten part of the security process. Oftentimes I have used the dropped memory stick, or even a CD sent in the mail, to compromise a target system by abusing “human nature”. It works a majority of the time, really. The human is the weakest link.
This will be nothing new to many of you out there who are in the infosec field. However, those who are not, and those who work in corporations, might think “whoa, really?” when reading this. Yes, this is a common attack and YES, companies on average do a piss-poor job at educating their workforce about such things. In addition to that, many companies still have not adopted the technologies or the protocols that could prevent such an attack should the education route fail them.
The same thing applies on the home front too, as is mentioned in the article. Whether it’s at home or at work, here are a couple of things you can do to protect yourself from this type of attack.
1) Disable “AUTORUN” on your system for all USB/CD devices: Yes, it can be a pain when you need to re-load a system, but it’s better than having a compromised system and all your data in the hands of the bad guys.
2) Nothing IS FREE! Always assume that if you find a CD/USB/External HD, it’s a possible “Trojan Horse” in the purest sense of the term.
3) IF you find one of these at work, turn it in to your security staff. DO NOT PLUG IT IN!
4) Always have AV software on your system and ensure that your patterns are up to date, should you slip up.
5) ALWAYS scan media that is being shared, or when you have no idea where it’s been!
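For item 1, one way to check and set the Windows AutoRun policy from PowerShell. This is an added example, not part of the original post: the `-Fix` switch and the `Get-AutoRunGaps` function are names made up here, while `NoDriveTypeAutoRun` under the `Policies\Explorer` key is the Windows policy value that controls AutoRun per drive type (0xFF covers every type).

```powershell
# Added example: audit (and optionally set) the AutoRun policy for all drive types.
# NoDriveTypeAutoRun is a bitmask; a set bit disables AutoRun for that drive type.
param([switch]$Fix)   # -Fix is this script's own switch: write 0xFF to HKLM (needs admin)

$Name = 'NoDriveTypeAutoRun'
$Keys = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer',
        'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer'

# Drive-type bits as documented by Microsoft for this value.
$DriveBits = [ordered]@{
    'Unknown (0x01)'   = 0x01
    'Removable (0x04)' = 0x04
    'Fixed (0x08)'     = 0x08
    'Network (0x10)'   = 0x10
    'CD-ROM (0x20)'    = 0x20
    'RAM disk (0x40)'  = 0x40
    'Unknown (0x80)'   = 0x80
}

function Get-AutoRunGaps {
    param([int]$Mask)
    # Return the drive types whose bit is NOT set, i.e. AutoRun is still allowed.
    $DriveBits.GetEnumerator() | Where-Object { ($Mask -band $_.Value) -eq 0 } |
        ForEach-Object { $_.Key }
}

foreach ($Key in $Keys) {
    $Prop = Get-ItemProperty -Path $Key -Name $Name -ErrorAction SilentlyContinue
    if ($null -eq $Prop) {
        Write-Output "$Key : $Name not set (no policy enforced, OS default applies)"
        continue
    }
    $Mask = [int]$Prop.$Name
    $Gaps = @(Get-AutoRunGaps -Mask $Mask)
    if ($Gaps.Count -eq 0) {
        Write-Output ('{0} : 0x{1:X2} AutoRun disabled for all drive types' -f $Key, $Mask)
    } else {
        Write-Output ('{0} : 0x{1:X2} AutoRun still allowed for: {2}' -f $Key, $Mask, ($Gaps -join ', '))
    }
}

if ($Fix) {
    $Target = $Keys[0]   # machine-wide policy key
    if (-not (Test-Path $Target)) { New-Item -Path $Target -Force | Out-Null }
    New-ItemProperty -Path $Target -Name $Name -PropertyType DWord -Value 0xFF -Force | Out-Null
    Write-Output "$Target : $Name set to 0xFF"
}
```

Run it without arguments to audit only; run it from an elevated prompt with `-Fix` to write the machine-wide value.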
Just be judicious, kids. Not all AVs will pick up the real rootkits, but if you take some precautions you can mitigate the vulnerability a bit more. Next time, we will talk email exploits! WOO HOO!