Is a information stored on your USB ride expostulate stable from any malware on a PC it gets plugged into?
USB ride expostulate manufacturer Kingston Technology this week announced that dual of a drives from a Traveler line — DataTraveler Vault Privacy and DataTraveler 4000 — now come with an discretionary ClevX DriveSecurity feature, that requires 300 MB of a drive’s space and includes built-in ESET antivirus program for nuking any viruses, worms, Trojan applications, rootkits, or adware that competence try to taint a drive.
“When a expostulate owners authenticates to a peep drive, DriveSecurity launches immediately. It updates a pathogen signature and scans any changes (all new files, applications, etc.) to a peep drive,” pronounced ESET. “Upon user request, it checks a whole peep expostulate to safeguard that it is giveaway of antagonistic code.” ESET also pronounced a anti-malware program contains heuristic malware showing to assistance temperament opposite threats. But a association pronounced that a drive’s antivirus program won’t indicate a PC that it gets plugged into.
Is antivirus program on USB ride drives redundant? Or competence it instead have helped forestall a conflict of such malware as Stuxnet? Indeed, a USB pivotal carrying Stuxnet appears to have been obliged for during slightest some of a ensuing infections, that targeted an Iranian chief trickery during Natanz. The premonition with Stuxnet, of course, is that a malware seems to have been introduced on purpose, expected by a U.S. agent, definition it was meant to taint a USB expostulate and in spin systems during a facility.
[ Hacking organisation boasts of government, trade organisation exploits. Read some-more during Team Ghostshell Hackers Claim NASA, Interpol, Pentagon Breaches. ]
On a other hand, common malware that attempts to taint USB drives stays alive and well, in partial since eradicating it is formidable given all of a opposite ways in that it can spread. For example, ESET final week reported that a second many prevalent pathogen is an auto-run worm famous as Pronny, that spreads in partial by infecting removable media. Once a worm infects a system, it afterwards hides versions of itself elsewhere, including on network shares, and attempts to taint all it can touch, including ride drives.
USB drives can get putrescent in countless ways, such as by supply sequence insecurities during production. For example, IBM incidentally distributed ride drives during an Australian confidence discussion that were putrescent malware.
Other infection vectors engage employees regulating virus-infected kiosks or third-party PCs during airports or Internet cafes, giving a USB pivotal to a crony whose PC happens to have a virus, or regulating a USB pivotal on a corporate network where a pathogen is residing.
“In use one sees both unintended and conscious infection. Stuxnet is an instance of a latter, where someone installed antagonistic formula onto a expostulate with a vigilant of removing that formula onto a aim system,” pronounced ESET confidence preacher Stephen Cobb in a blog post. “Unintentional infection can start when we place your USB peep expostulate into an insufficiently stable system. Sure, we might detect a infection later, when we eventually place your expostulate into your possess computer, though we could do a lot of repairs before then.”
As an example, Cobb references a box detailed progressing this year by a Industrial Control Systems Cyber Emergency Response Team (ICS-CERT), that in 2010 investigated an conflict of malware tied to a Mariposa botnet. While a influenced classification wasn’t named, a attention was remarkable as being “the chief sector.”
The investigators traced a infection behind to a discussion presentation, observant in an advisory that “an worker attended an attention eventuality and used an instructor’s concept sequence train (USB) peep expostulate to download display materials to a laptop.” After a worker reconnected their laptop to a corporate network after returning to work, a malware spread, eventually infecting 100 other network-connected systems.
As malware gets increasingly sophisticated, so, too, contingency a record and strategies we use to detect and exterminate it (or, improved yet, stop it before it ever creates it onto network systems). Our Rooting Out Sophisticated Malware news examines a tools, technologies and strategies that can palliate some of a burden. (Free registration required.)