Home page logo

educause logo Educause Security Discussion mailing list archives

Re: USB Storage Devices
From: Mike Iglesias <iglesias () UCI EDU>
Date: Wed, 3 Dec 2008 11:07:07 -0800

Douglas Gale wrote:
CERT recently issued a warning about malicious code propagating via USB
flash drive devices and the Defense Department suspended “usage of all USB
storage media until the USB devices are properly scanned and determined to
be free of malware,"

Have any campuses experienced problems or developed any policies or
procedures regarding the use of USB storage devices?

One of the groups on campus hosted a conference at an off-site location, and
about 500 of the 1000 attendees ended up with infected USB drives.  They had
brought their presentations on the USB drives, and the group hosting the
conference had a system (provided by the center that the conference was at)
that was used to keep copies of the presentations.  Either the system arrived
infected or was infected by someone early on in the process, and anyone who
stuck a USB drive in the system got a "present" on their drive.  The malware
was setup to autorun, so the attendees more than likely infected their systems
when they got back to their office or home (or both).  The malware was not
detected by many AV products at the time, including the major players, so that
helped the infection spread.  It's fairly well detected now.

Mike Iglesias                          Email:       iglesias () uci edu
University of California, Irvine       phone:       949-824-6926
Network & Academic Computing Services  FAX:         949-824-2270

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]