For a business manager, reducing cybersecurity risks will always be top of mind. USB flash drive is a device that employees love and IT managers detest. IT managers dislike flash drives for one reason: they don’t function as they should. It is an issue that very few have discussed or even considered. Today we will go into detail.
IT managers detest flash drives for their ability to easily and quickly spread malware. A flash drive’s nature is to connect quickly and disconnect, making it easier to transfer files from one computer to another. This presents a perfect opportunity for malicious software.
Wouldn’t a flash drive be more useful if it didn’t allow for such possibilities?
Here are the five steps that a computer virus will follow to determine whether it can spread through USB.
- Check if there is a USB Flash Drive: The virus will check if it can infect a computer based on whether a USB Flash Drive is attached.
- Check that the USB flash drive is compatible: the virus would check that the USB flash drive’s file system is compatible so that it could write files on the drive.
- Check the storage space available on the USB drive. The virus checks the storage space available on the USB drive to determine whether it has enough to copy itself or to store any additional files.
- Check security settings on the USB: The virus checks the security settings to see if they are read-only, or if there are any restrictions that prevent the virus from being copied to the USB.
- The virus attempts to copy itself onto the USB flash drive: Using any available exploits and vulnerabilities, the virus will try to copy itself onto the USB stick, bypassing security measures to gain access to it.
Bullets 1-4 are qualifications before the actual task of malware going into action is completed, which would be step five – copying files onto the USB flash drive. The reason why flash drives fail to work as they should is at step five.
In order for a USB drive to be writable, it must be read-only or write-protected by default. It is only after the user unlocks the drive temporarily that it becomes writable. The flash drive should function like this.
When the device becomes writable, you can control how and when malware spreads. This is a very subtle yet crucial point. It will be important to highlight the actions taken by a virus when it attempts to spread.
- Malware can be designed to stay dormant if certain situations arise.
- Malware checks the properties of USB drives at the moment of powering up or enumeration with the operating systems. Malware will quickly determine if the device can be spread. If malware is unable to spread, it will go dormant.
- After enumeration, malware will not return to a computer because it is not designed to draw attention.
The write protection is set by the hardware controller of the device. Therefore, the setting is carried over to the computer or device to which the drive is connected. The write protection does not depend on the host. Because machine code (or microchip firmware) is virtually impossible to hack and therefore extremely secure, the device write protection is also.
Nexcopy has a feature that is particularly impressive: the default status of the device (write-protected) is automatically restored to this state when power is interrupted, whether by “ejection” properly or just pulling out the drive.
A Lock License drive has a lower cybersecurity risk than any other flash drive on the market. Although this concept does not completely eliminate the risk of a computer virus spreading, human error will always be present. For IT managers, however, the technology allows them to enjoy USB flash drives again.