Even IT workers can't resist plugging in USB drives they've found, says study


A vast majority of IT workers have admitted to picking up USB flash drives that they've found, and plugging them into a computer. This was revealed in a survey by South Korean security vendor AhnLab, which found that 78 percent of IT security professionals admitted to doing this.

As reported by eWeek, many of those surveyed also had experiences with security breaches that were eventually traced back to malware-infected USB drives.

Malware loaded via autorun scripts in USB flash drives have resulted in a significant number of security breaches in the past, including a successful infiltration of the U.S. military's Central Command in 2008. The notorious Stuxnet malware can be spread using flash drives.

To combat this problem, Microsoft (NASDAQ: MSFT) released an update for older versions of Windows in early 2011 to prevent AutoPlay from being enabled automatically on non-optical media. The move was highly effective, and helped lead to a steep decline in the number of infections.

Given that newer PCs running Windows 7 and Windows 8 already have AutoRun locked down by default, there is little risk associated with plugging in a USB flash drive these days, unless users attempt to execute scripts or executable files on it.

However, the study does suggest that human traits, such as curiosity, die hard, and could well be leveraged by hackers to get on corporate networks.

For more:
- check out this article at eWeek

Related Articles:
USB drives spread malware to power plants
How hackers could cause traffic jams