Reducing cybersecurity risks for a business manager will always be a priority. One device employees love, but IT managers hate, are USB flash drives. The reason IT managers hate flash drives is one fundamental issue – flash drives don’t operate like they should. This is a point few speak about or have even thought about, so today we will cover the details.
IT managers hate flash drives because they provide opportunities for malware to spread quickly and easily. By nature, a flash drive is meant to connect and disconnect quickly, making it easy for files to be transported from one computer to another. This situation is a great opportunity for malware.
Wouldn’t it be nice if a flash drive wasn’t open to such opportunities, yet at the same time easy to use?
Before addressing the fundamental flaw on how USB flash drives work, here are five steps a virus will take to determine if it could spread via USB:
1) Check for the presence of a USB flash drive: The virus would first check to see if a USB flash drive is connected to a computer and infect it.
2) Check the file system of the USB flash drive: The virus would check the file system of the USB flash drive to ensure that it is compatible with the virus and that it can write files to the drive.
3) Check the available storage space on the USB flash drive: The virus would check the amount of available storage space on the USB flash drive to determine if it has enough space to copy itself or any additional files.
4) Check the USB drive’s security settings: The virus would check the security settings of the USB flash drive to see if it is read-only or if it has any other restrictions that would prevent the virus from copying itself to the drive.
5) Attempt to copy itself to the USB flash drive: Finally, the virus would attempt to copy itself to the USB flash drive, using any available exploits or vulnerabilities to bypass security measures and gain access to the drive.
Bullet points 1-4 are qualifiers before the true task of a virus going into action, which is step five, copying files to the USB flash drive, go into action. Step five is the exact point for why flash drives don’t work like they should.
The correct way a USB flash drive should operate is never be writable until the operator approves the device to become writable. Said another way, the default state of a flash drive should be write protected, or read-only. Only will the user temporarily unlock the drive for it to become writable. This is how a flash drive should work.
By controlling when the device becomes writable also controls the opportunity of how and when malware can spread. This is such a subtle, yet important point, it will be key to highlight the actions a virus takes when trying to spread.
1) Malware is designed to remain dormant until specific situations arise.
2) Malware will check the properties of a USB drive at the point of power up, or enumeration, with the operating system. Malware will quickly surmise the device configuration and determine if it can spread. If the malware cannot, it goes dormant until the next enumeration.
3) Malware will not revisit a device after enumeration because, after all, malware is designed to not attract attention.
The write protection is set at the hardware controller level of the device which means the setting follows the drive to any computer, device or system it is connected to. The write protection is not host dependent. Machine code, or microchip firmware, is nearly impossible to hack, so the device write protection is extremely secure.
The most impressive feature from Nexcopy: The default state of the device is write protected; meaning, whenever power is cut to the device, by either proper “ejection” or simply yanking the drive out, the default state of the drive automatically reverts back to being write protected.
Considering the default state of the drive, the cybersecurity risks of a virus spreading on a Lock License drive is reduced compared to any other flash drive in the market. This concept doesn’t completely eliminate the possibility for a virus to spread because human error can always be involved, but for an IT manager this type of technology makes it much easier to embrace the love of a USB flash drive once again.
