USB storage devices are a convenient way of sharing and transferring data and files, but they also pose a risk to cybersecurity.
Before you use a USB storage device, whether it’s a ‘thumb drive’ or a portable hard drive, stop and think about what the risks could be of using these devices.
Risks might include:
- Passing a virus or malware between machines.
- Data falling into the wrong hands simply by losing the device.
- Targeted hacking could be in the form of ‘found’ USB devices.
A famous case of this was called STUXNET, which was spread through the sharing of USB thumb-drives. USB devices were used to ‘jump the gap’ between network connected devices and scientific equipment that had been deliberately not connected to the internet for security reasons.
How to reduce your risk
Try not to use USB storage devices across multiple machines and think about how ‘clean’ the machine is you are plugging it into.
Think about where the USB stick came from. If it’s one you found somewhere, throw it away, don’t be tempted to use it or look at what’s on it. Hackers have targeted organisations by leaving USB sticks in places that staff frequent. Relying on people’s natural curiosity to stick it in their computer to see what’s on the stick.
Think about how portable you are making your data
It is important to consider what you are putting on a USB storage device, what would happen if you lost it and someone else picked it up. Would they find your research data? Your thesis? Confidential material? Take a second to think about the data you are making a copy of.
If you are unsure about a storage device, don’t use it. Get a new one and use that. You might also want to consider if there is a better way to store or share your data.
How to Report a Cybersecurity Incident
Ringthe IT Service Desk
0508 ҕl IT HELP (0508 824 843) or
03 369 5000
Visitthe IT Service Desk
located in the ground floor of Matariki
Log a ticket
on