WATCH The Dangers of USB Sticks and Charging Cables – Day 12 of Cybersecurity Awareness Month 2021
Shelly Miller
So Craig, a very interesting topic the dangers of USB sticks and public charging cables.
Craig Taylor
Yes, yes, it is. Yeah, USB sticks can be really dangerous. They’re a favorite method of hacking accompanied by hackers. They’ll spread USB sticks in various places in bathrooms or on in parking lots or on the front steps to a business and very helpful employee will find it, bring it in, plug it into their computer to try and return it to its rightful owner. But it installs malware right onto your computer. Did you know a USB stick can be set up to be a keyboard, mouse and or bootable device.
Or worse, hackers have created USB sticks that have a charge in them that can destroy your computer just by sending a shock of electricity into the computer, they have enough of a capacitor to do that. Other hackers have implanted malware on USB sticks to take complete control anonymously of your computer when you plug that in.
Shelly Miller
Well, so how can I protect myself against that?
Craig Taylor
Well, the obvious answer there surely is never insert a USB stick into your computer if you don’t know where it came from. This also extends to USB sticks that are giveaways at tradeshows. I’ve fortunately been seeing fewer and fewer companies giving away USB sticks. Because it’s such a liability, there have been actual cases where from the manufacturer themselves a USB sticks sent 1000 at a time all had malware implanted on him, you just can’t trust a USB stick if you have don’t know its prominence or where it came from. If you must use a USB stick software exists to do a scan of that before you pull files off of it or put files on it.
And then another thing, there are many businesses out there that have no choice but to accept data on a USB stick. Think of a print shop, or an accounting firm, where it’s tax season and your clients are bringing their materials to you on a USB stick. Well, in those cases, I would build a purpose built computer that does nothing more than checking the files on that USB stick, it’s probably best to run a software product that I would call Deep Freeze. And that basically allows you to return that computer to a pristine state upon reboot because nothing is written to the disk while it’s operating. So there are some technical measures that you can take if you’re in those kinds of businesses where you have to receive data on a USB stick.
Shelly Miller
Okay, refreeze is the name of it.
Craig Taylor
Deep Freeze
Shelly Miller
Deep Freeze Deep Freeze. Okay, great. So you mentioned charging cables, how can they be dangerous?
Craig Taylor
Well, this is a new development in the last year or two hackers have done proof of concepts that show they can embed key loggers and even WiFi radios in those free charging cables that you see at coffee shops and airports and public places. And if your phone is open with sharing enabled and you need a quick charge and you plug into one of those, they’re going to suck off your data and send it through the air to a hacker that’s any person in that coffee shop or airport you’ll never know that they’ve stolen your stolen your data. So the message there is to be safe. Bring your own charging cable. Don’t ever use a publicly accessible charging cable where you can’t see both ends of the cable. Even if you can see both ends it’s still possible that they might have embedded something malicious there. So just don’t trust it. Bring your own.