Tips for protecting USB drivesPosted By : Ken Colburn of Data Doctors on October 22, 2010
I’m going to a school that has a bunch of shared computers that I have to plug-in my USB drive to upload and download assignments. How do I avoid getting a virus on my USB drive when plugging into the public computers?
This question was answered on October 22, 2010. Much of the information contained herein may have changed since posting.
In the pre-internet computer world, the most common way for a virus to spread was via a floppy disk, so virus writers would focus on ways to automatically infect any disk that was placed in the infected computer.
These ‘boot sector’ viruses would attach themselves to the startup portion of the disk so that any machine that tried to read the infected disk would become infected itself.
Additionally, many viruses also had a ‘worm’ component that would allow it to spread itself across a network automatically infecting any other accessible systems across the network.
Once the entire network was infected, every disk placed in any machine on that network became a carrier of the virus to the next network.
When the internet started connecting us all to a common network, the virus writers abandoned the slower boot sector viruses in favor of code that could easily be transmitted via the Internet and potentially infect anyone on the network that had less than adequate protection in place.
Now that USB (or flash) drives are in wide use, virus writers have spent time figuring out ways to combine the old ‘infection by physical connection’ method with Internet worms to find ways into networks that have strong firewall technology in place, but weak desktop security.
The ‘back door’ to a secured network on most large corporate or educational computer networks has become the USB port on any of the attached computers.
The first thing that you should consider doing if the transfer is generally from your home computer to the school’s computers is to flip the ‘write protect’ switch on the drive before plugging it into any computer at school.
This turns your USB drive into a ‘read only’ device like a traditional CD or DVD preventing anything from the school computers to be written to the drive When you return home, simply flip the switch back to allow writing to the drive from your computer.
If you need to copy files from the school’s computers onto your USB drive, you will exponentially increase the chances of contracting some form of malware because many of your classmates may not keep their security software up-to-date.
Most of today’s USB infections rely upon a feature in Windows called AutoRun AutoRun is what allows an installation program to pop-up whenever you insert a program CD or DVD into your computer.
By placing an Autorun.inf file on your USB drive, the virus writers know that as soon as you plug it into your home computer, Windows will automatically start running the code that they wrote.
Often the first line of code is to identify and disable your security software so that the malware can complete its silent infection.
If your normal course of activities will require you to transfer data from your USB drive to and from school computers on a regular basis, I would highly recommend that you disable the AutoRun feature on your home computer.
This will allow you to manually scan for viruses whenever you plug your USB drive into your computer so you can catch malware before it has a chance to run.
Microsoft has complete instructions as well as a couple of quick fix downloads to disable and enable the AutoRun feature here: http://bit.ly/cqrCHA
If you need to turn AutoRun on and off on a regular basis, a free utility called USB is located here: http://bit.ly/9wmlk9
It goes without saying that you must keep Windows and your security software up-to-date as you are now in a high-risk environment that could expose you to malware on a daily basis.
Need Help with this Issue?
We help people with technology! It's what we do.
Contact or Schedule an Appointment with a location for help!
Posted by Ken Colburn of Data Doctors on October 22, 2010