Educause Security Discussion mailing list archives
Re: USB Storage Devices
From: Mike Iglesias <iglesias () UCI EDU>
Date: Wed, 3 Dec 2008 11:07:07 -0800
Douglas Gale wrote:
CERT recently issued a warning about malicious code propagating via USB flash drive devices and the Defense Department suspended “usage of all USB storage media until the USB devices are properly scanned and determined to be free of malware," Have any campuses experienced problems or developed any policies or procedures regarding the use of USB storage devices?
One of the groups on campus hosted a conference at an off-site location, and about 500 of the 1000 attendees ended up with infected USB drives. They had brought their presentations on the USB drives, and the group hosting the conference had a system (provided by the center that the conference was at) that was used to keep copies of the presentations. Either the system arrived infected or was infected by someone early on in the process, and anyone who stuck a USB drive in the system got a "present" on their drive. The malware was setup to autorun, so the attendees more than likely infected their systems when they got back to their office or home (or both). The malware was not detected by many AV products at the time, including the major players, so that helped the infection spread. It's fairly well detected now. -- Mike Iglesias Email: iglesias () uci edu University of California, Irvine phone: 949-824-6926 Network & Academic Computing Services FAX: 949-824-2270
Current thread:
- USB Storage Devices Douglas Gale (Dec 03)
- <Possible follow-ups>
- Re: USB Storage Devices Mike Iglesias (Dec 03)
- Re: USB Storage Devices Adam Carlson (Dec 03)
- Re: USB Storage Devices Tupker, Mike (Dec 03)
- Re: USB Storage Devices Stanclift, Michael (Dec 03)
- Re: USB Storage Devices Rowe, Ken (Dec 03)