USB drives are one of the common
ways you can infect a network from inside a firewall. The ubiquity of thumb
drives has driven hackers to develop targeted malware that can automatically
execute upon connecting with a live USB port. What's worse is that
default operating system configurations typically allow most programs to run
automatically. They are also inexpensive, small, hold a lot of data and can be
used between multiple computer types.
A solution to this problem
is to change the computer's default autorun policies. (Click HERE! To findout how!)
All companies have some forms of sensitive
information that absolutely cannot leave the walls of the building. It becomes
very dangerous when that information is stored on an unsecured portable
computer, as they are easy to walk off with. There have been many cases of
publicly disclosed instances of notebooks with sensitive data that have
"gone missing." Unless the laptop employs a tough encryption
algorithm, data is often easy to recover from any given file system. Implement an encrypted file system for sensitive
data.
There are a number of
off-the-shelf solutions out there to choose from, along with open source ones
such as TrueCrypt. VPN, DV and Wi-Fi access should not be stored persistently
on devices such as laptops or netbooks.
I would say that computer infected via a USB drive may not a network attack, as it is being attacked physical. It can only be success after the attacker had gained access to the computer/machine physically. Network attacks may include attacks through services, application, web pages that binds to any TCP or UDP protocol.
ReplyDeleteVulnerabilities of the VPN and Wi-Fi on the other hand can also be considered as one. I am not very sure there's any protocol connecting the networks uses a protocol that do not bind to TCP or UDP.