Wednesday, July 31, 2013

The Biggest Threat To Enterprise Is The Thumb Drive

How did Iranian nuclear facilities was destroyed? With a thumb drive. And how did Snowden allegedly smuggle out the blueprints to the NSA? With a thumb drive.

No, it wasn't by some ultra secretive means of super-complex cyber code writing and cloud encryption by which good ol' Eddy breached America's security in arguably the most secure compound on the planet — nope — he simply walked in with a thumb drive, downloaded the NSA, and walked out.

Carl Weinschenk of IT Business Times breaks down how bad a threat flash drives can be:
The U.S. Department of Homeland Security ran a test in which staffers dropped flash drives in the parking lot of government and contractor buildings. Sixty percent of folks who picked them up simply plugged them into networked computers. That percentage jumped to 90 percent if the drive had an official logo.
The Washington Times breaks down the threat further by reminding everyone that a "number of commercially available programs can switch off the USB port of every computer on the network."

NSA officials “were laying down on their job if they didn’t disable the USB port,” an unnamed government IT the specialist told the Washington Times, referring to the small socket on the side of a computer where thumb drives are plugged in.

Organizations, whether they're public or private, have had difficulty enforcing Bring Your Own Device security measures now for a number of years. Certainly there are places in government buildings where there are NO recording devices or storage devices allowed under ANY circumstances.

Regardless, Snowden managed to get one in and get one out.

No comments: