Removable Media may be defined as any device that can be inserted or removed from a PC without shutting down. This definition includes a wide variety of media such as compact discs, floppy disks, USB drives, and external hard drives. The size of these devices can vary significantly, allowing vast quantities of data to be transported from system to system. It is this ease of data transfer that creates a significant threat to the security of a business’s network and individual systems.
Removable Media devices are an integral part of modern industry. Today, it takes a matter of minutes to make a copy of a program installer from one computer, copy it to a USB drive, and install it on another device. Unfortunately, what most individuals do not think of is that it is just as easy to transfer malware and computer viruses between computers using the same method. Malware can live on one computer and transfer to an inserted removable media device immediately after the device drivers are installed. Once on the removable media device, the malware can then transfer to any other computers where the removable media device is used, often without user knowledge.
The form of Removable Media device at highest risk for these transfers is the USB device. We define a USB device as any form of removable media that accesses a computer using the USB port. This includes the ubiquitous USB drive as well as external hard drives and even mobile phones. The term USB drive can be confusing to some as it has so many additional names including but not limited to zip drive, flash drive, thumb drive, and jump drive. These USB devices are so common in today’s world that most people have one or more on their person at all times of the day, not just during business hours.
Each time these devices are used, there is potential that they could become infected. The following case studies are just a few public examples of how malware (such as those transported by removable media) can impact the manufacturing environment:
Timeline: How Stuxnet attacked a nuclear plant
Seven years after Stuxnet: Industrial systems security once again in the spotlight
Industroyer: Biggest threat to industrial control systems since Stuxnet
The Untold Story of NOTPETYA, The Most Devastating Cyberattack in History
Triton Malware Spearheads Latest Generation of Attacks on Industrial Systems
This blogging series will feature several articles that describe different ways that a manufacturing facility can be protected from the threat posed by Removable Media.