Tom Olzak

Conficker teaches one more lesson

In Cybercrime, Data Security, Risk Management on April 2, 2009 at 12:07

In a post yesterday, I wrote that Conficker is more a lesson than an event.  In other words, it serves as a wake-up call for the unprotected and a confirmation of risk for the vigilant.  In addition to the network controls I listed, however, there is another, broader risk highlighted by the threat of Conficker infection—use of USB storage devices.

Certain Conficker variants bypass network security controls by using the autorun feature of Windows.  When an infected USB memory stick, for example, is inserted into the USB port of a Windows-based computer, the malware can run automatically without user intervention.  However, it will only run if IS management failed to configure user devices with autorun turned off.  And Conficker isn’t the only malware spread by mobile storage; it’s just the most visible at the moment.  Turning off this Windows ‘feature’ should be on the default security setup list for all end-user devices running Windows.

Spreading of malware isn’t the only challenge associated with mobile storage.  Another is user introduction of pirated software, or other unwanted files, as well as removal of sensitive information from the organization’s control.  Some users need access to mobile storage, but they are usually a small percentage of the user population.  Restricting use of these devices and filtering/encrypting data transferred to them can significantly reduce business risk.
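As an added example (not from the original post), the PowerShell script below audits, and with -Enforce applies, the registry settings behind the two controls discussed above: autorun turned off for every drive type, and the USB mass-storage driver disabled on workstations whose users have no business need for removable storage. The registry paths and values are standard Windows ones; the script and its switch name are an illustration added here.

```powershell
# Added example (not from the original post): audit, and optionally enforce,
# the Windows settings the post recommends: autorun disabled for every drive
# type, and the USB mass-storage driver disabled for users who do not need it.
# Run in an elevated PowerShell session. Without -Enforce the script only reports.
param([switch]$Enforce)

# Desired settings, each with its registry location and the value that implements it.
$Settings = @(
    @{ Name  = 'NoDriveTypeAutoRun'            # bitmask of drive types with autorun disabled
       Path  = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer'
       Value = 0xFF                            # all drive types, including removable and network
       Why   = 'Autorun disabled for all drive types (autorun.inf on a USB stick is not acted on)' },
    @{ Name  = 'NoAutorun'                     # Vista and later: ignore autorun commands outright
       Path  = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer'
       Value = 1
       Why   = 'Autorun commands in autorun.inf are ignored' },
    @{ Name  = 'Start'                         # 4 = SERVICE_DISABLED for the USB storage driver
       Path  = 'HKLM:\SYSTEM\CurrentControlSet\Services\USBSTOR'
       Value = 4
       Why   = 'USB mass-storage driver disabled (apply only where users do not need removable storage)' }
)

function Test-Setting($s) {
    # Returns $true when the registry value exists and already matches the desired value.
    $current = Get-ItemProperty -Path $s.Path -Name $s.Name -ErrorAction SilentlyContinue
    return ($null -ne $current) -and ($current.($s.Name) -eq $s.Value)
}

foreach ($s in $Settings) {
    if (Test-Setting $s) {
        Write-Output ("OK       {0}\{1} = {2}" -f $s.Path, $s.Name, $s.Value)
        continue
    }
    Write-Output ("MISSING  {0}\{1} should be {2} ({3})" -f $s.Path, $s.Name, $s.Value, $s.Why)
    if ($Enforce) {
        # Create the key if it is absent, then set the DWORD value.
        if (-not (Test-Path $s.Path)) { New-Item -Path $s.Path -Force | Out-Null }
        Set-ItemProperty -Path $s.Path -Name $s.Name -Value $s.Value -Type DWord
        Write-Output ("FIXED    {0}\{1} = {2}" -f $s.Path, $s.Name, $s.Value)
    }
}
```

In a managed environment the same three values are better delivered through Group Policy so they are reapplied automatically; the script is useful for spot-checking that the policy actually landed on a given machine.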

For more information about mobile storage device security, including methods for mitigating business risk, see Portable Storage Device Security.
