TechViews News …..
This past June, President Trump and North Korean dictator Kim Jong Un met in Singapore to discuss trade, nuclear weapons development, economic sanctions, as well as other high-level political issues. Because of this historic meeting, reporters from all over the world descended on Singapore to follow the talks and report every detail of the exchange.
Upon arriving in Singapore, journalists were given a gift bag as a welcome gesture from the local Chinese government. It included bottles of water featuring the faces of Trump and Kim, a guide to the area and a miniature fan.
This small fan was designed to operate by plugging it into a USB port. This was considered by many to be an odd addition to a welcome bag.
Think about it: A Chinese company manufactured USB-powered fans that the government provided to reporters.
And, we know that the Chinese government wants to find out every detail they can about what took place because it concerns one of their biggest foes (the United States) and one of their closest allies (North Korea).
Tricks of the Trade
The reality is, using a USB device is an extremely common method of gathering intelligence. If China altered these USB fans for spying purposes, it wouldn’t be the first time…
According to a Washington Post report, “In 2008, Russian agents planted virus-carrying USB sticks in retail kiosks around NATO headquarters in Kabul, Afghanistan, to gain access to a classified Pentagon network.”
In 2013, Italian journalists reported that “Russian operatives used USB devices to try to spy on world leaders at a G-20 summit in St. Petersburg.”
The thing is, the countries that use USB devices to spy aren’t just targeting other spies. They’re also targeting average citizens like you and me.
“In 2011, the Department of Homeland Security planted USBs and CDs in government parking lots to test the security practices… of employees and contractors,” writes the Washington Post.
“Sixty percent of people who picked up the items plugged them into their work computers.” If the USBs had an official logo printed on them, the rate went up to a whopping 90%.
A few weeks after the summit in Singapore, experts were able to get their hands on some of the USB fans that were handed out. And to no one’s surprise, a few of them actually had Trojan malware hidden in the root file.
After examination, it was determined that the Trojan malware wasn’t designed to plant a spyware package into whatever computer it was plugged into – it was designed to track the user’s movements via the IP address the computer was logged in from.
But what if you are not a government representative or spy?
What if you are just an ordinary Joe (or Jane) and have a USB drive given to you by a friend or office co-worker? This happens all the time. Whether you are simply transferring files from one computer to another, or giving or loaning the USB drive to another person, your computer could be placed at risk.
As an example, a friend was helping you move important office files from his computer to yours. He hands you a USB drive with the files, and all you have to do is plug that drive into your computer and copy the files.
Simple and easy, right? But what if your friend’s computer had a hidden piece of malware he wasn’t aware of, and it was somehow transferred to the USB drive he let you use. Now BooM, your computer could be infected as well.
That very scenario happens thousands of times each day someplace around the world. The fact is, virus/malware/spyware infected USBs is one of the fastest growing means for breaching security today.
So, here are a few basic precautions you should take when using USB devices — both at home and abroad.
Don’t trust unknown devices. Never plug any type of USB device you didn’t personally purchase into any of your personal devices.
If you find some sort of USB device with the presidential seal on it, don’t let your curiosity get the best of you. Simply plugging in the USB device can automatically start the infection process.
When buying USB devices, make sure to purchase them from a reputable company or manufacturer. I obviously don’t recommend buying one off Craigslist or eBay, especially if you are getting a big discount for a bulk purchase.
Be careful using the same device on multiple computers. Now, I realize the entire point of a thumb drive is to be able to move files from one computer to another. However, this is incredibly risky because you can actually cross-contaminate your computers if the USB drive happens to be infected.
For sharing files among multiple computers, try using cloud storage with an expiring password for multiple user access. Using a compromised flash drive, charging cable or mini-fan on different computers could infect all of them.
Use biometric authentication and strong passwords. Depending on the device, some USBs can be set up to require fingerprint authentication or a password. You should absolutely use these options on any device that you can.
This way if the device fails into the wrong hands, you won’t have to worry that someone will simply add malware and give it back to you, putting your information at risk.
You already know you shouldn’t open any unexpected emails, click on suspicious links or download questionable files. Well, you shouldn’t plug any old USB into your device either — especially if you received it from an adverse foreign government.
IS SECURITY AFFECTED BY SAFELY EJECTING FROM A USB PORT?
Be Safe – Backup Your Data Regularly!
And don’t forget to take advantage of our FREE subscription to the TechViews News Updates. You will receive all of our updates and posts the moment they are published.
You must be logged in to post a comment.