Here's an update of a post from 2016. It still holds true today...
USB "Thumb" Drives are popular tools for backing up and transporting data. They are small and feather-light, yet can hold mountains of data. Their compact design enables us to conveniently slip them into our pockets when on the go and then used in almost any device that's handy. However, it is precisely this efficient usefulness that also makes them dangerous. Consider the following:
- Malware can hop onto your USB drive from an infected computer and then copy itself onto other systems as you move from computer to computer.
- Hackers can use their own USB drives to steal information from your computer, even if it's not turned on.
- A new kind of USB drive called the USB Killer can completely destroy your computer within seconds using a fatal power surge though your computer's USB port.
- Because they are so small, USB drives are very easily lost or stolen which can result in the complete loss of your work or make your sensitive information vulnerable to theft. Corporate breaches have occurred in this fashion.
Here's what to do to protect yourself:
- Don't use your personal USB drive at work and don't use your work USB drive at home!
- Use the password feature on your USB device.
- Keep all security software on your computer up to date. You must remain vigilant though as security software will not be able to prevent all malware.
- Do not plug a mysterious USB drive into your device. If it's not yours, don't use it! As an example, this is the method that was used to get Stuxnet into Iran's nuclear program.
- Don't leave your computer unattended unless it's locked.
- Save and send more data through the cloud. Are you just putting a large file on a USB drive so you can share it with someone else? For City related business, please take advantage of the City's SENDIT service and instantly share files with others
Today, the Chesapeake Police Department was sent a warning about USB drives with malicious software:
"A neighboring city recently received a letter containing a clear credit card shaped USB drive. On the back of the credit card there was a handwritten note that stated, “Play me now.” After further investigation it was determined that the USB contained malicious software."
If you find or receive anything like this, please contact the IT Help Desk and obviously do not insert it into anything.