Saturday, March 7, 2015

Beware the malware spreading flashdrive

Flashdrives, very convenient, very big, and deadly.  It was flashdrives that spread the Stuxnet virus into Iranian secure nuclear enrichment network.  Flashdrives with the virus were scattered in the parking lot.  Sharp eyed employees spotted them, picked them up, and took them into work.   Once the flashdrive was inserted into a computer, Stuxnet was sucked off the drive and started up. 
   Why does this work?  Blame Micro$oft.  Way back, about Win 95 time, the microsofties put "Autorun" into Windows.  It's still there.  Back in Win 95 days, before flashdrives, Autorun would scan every CD inserted in the CD drive and attempt to run program disks (say a new copy of Office) or to play music disks.  Automatically, hands off.  It was possible to turn off Autorun, but the turn off wasn't reliable, Autorun would come back to life at unexpected times. 
   Now that we have flashdrives, Autorun attempts to run any program it finds on the flash drive.  For that matter it still tries to run CD's, and floppy disks. 
   So, inserting a flashdrive in your computer can open it up to hackers, to use in bot nets, to launch Distributed Denial of Service attacks, to read all your email and suck up all your passwords.  And post any embarrassing photos they may find on your hard drive.  If I was running a secure network, I would use a pair of diagonal cutters to snip off all the USB ports on all the secured machines. 

No comments: