The FBI recently warned that a European cybercriminal group has tried to hack U.S. companies.
The targets have included transportation, defense, and insurance companies.
But the method of the attempted attacks is a different one. The hackers mailed all these companies USB drives infected with malware.
The companies received a series of fake letters via the U.S. postal service and UPS.
The letters impersonated organizations such as the Department of Health and Human Services and the letters came with USB sticks.
But instead of information about the pandemic, the USB sticks contained malware.
If the USB sticks had been inserted into a computer they would have given the hackers access to the company’s network, allowing them to deploy ransomware.
The FBI didn’t release how any organizations fell victim to the USB hacks, but it serves as a reminder of the tactics that cybercriminals will go to.
The Feds claim the group, FIN7, is behind the hacking attempts. The cybercriminal group is responsible for billions of dollars in losses in the U.S.
The group stole millions of credit card numbers from restaurants in 47 states.
To recruit hackers the group operates as a front for a cybersecurity company…
In other words, the hackers pretend to be the good guys, but they are looking for the best and brightest hackers.
USB drives are one of many ways that hackers will try to infect computers, but one thing about USB drives is that people want to know what is on them.
During a study, researchers from the University of Illinois left 300 USB flash drives around campus.
About 98% of the dropped devices were picked up by students or staff.
At least 50% of the devices were plugged into a computer to try to access the content on the USB drive.
For hackers, these statistics are enticing.
People are careless with USB drives. They want to know what is on them and are willing to risk the security of their computer.
With that in mind, here are a few things you can do to protect your USB drives and computer from this type of cyber attack.
Anti-virus/write protectors:
Hopefully, you have an antivirus program on your computer. Look to see if your antivirus software has a feature to scan USB drives.
If not, find another antivirus such as BitDefender, or Windows USB Blocker.
A write protector is a mechanism that prevents writing, modifying, or erasing data on a device, such as a USB.
For this reason, find a USB device with a write protection switch. This will prevent any data from transferring until you deem it safe to do so.
Encryption:
These days, you need a password on everything, including your USB stick.
This means that if someone has access to your device, it will make it much harder for them to steal data or infect files.
If you need to store serious data on a flash drive you should get one with 128-bit AES hardware encryption.
Hardware encryption is often considered a better option than software encryption because it doesn’t have the same risk of getting hacked.
Get a USB keypad:
Some USB drives have a keypad which allows you to create a password that will physically lock the USB drive.
It’s like putting a padlock on your USB stick.
When needed, you can enter the password on the physical keypad and unlock the USB.
Another feature you should consider is self-destruction.
Some flash drives, such as the IronKey, will self-destruct if the incorrect password is entered too many times.
Also, some USB drives will delete files after a specific period.
Carelessness with USB drives make it easy for cybercriminals to get personal data.
An infected flash drive, plugged into an unprotected device could infect and spread the virus through any network it’s attached to.
One mistake could bring everything down.
Use these tips to keep your USB drives safe, and your private data secure.