We’ve all heard the saying: there’s no such thing as a free lunch. This could be (sadly) the case now with free USB swag that has long been ubiquitous at trade shows and other industry events. Unsuspecting recipients are finding out the hard way that these goodies can be filled with all kinds of suspect malware, spyware and viruses. So, it goes without saying (but we will say it anyways!) that we all should exercise caution when getting these free goodies.
Take the recent US – North Korea summit as a case in point. It was widely reported in the news that Western reporters attending the event in Singapore received USB-powered fans in their gift bags from the North Korean delegation to the summit. One can imagine that the press corps was grateful for the gesture, as Singapore is hot and humid nearly year-round.
Soon after, word emerged from the news outlets that these thoughtful gifts were potentially loaded with spyware, ostensibly in the hopes that journalists would give them an unrestricted peek into their systems and networks. In retrospect, this should not be so surprising, since North Korea is reported to operate one of the most aggressive cyber-warfare agencies in the world.
Days after the conclusion of the summit, one security expert did a tear-down of one of the fans and his device was determined to be benign, however this doesn’t necessarily mean that every device given out was equally safe. The same experts also caution, however, that just a few devices could have been compromised, or a only a single individual targeted – so not each single USB device could be guaranteed to be safe in the same way.
So, although this story sounds like something lifted from the pages of a spy novel, we must be mindful that this is not the first time that malicious agents have tried – or succeeded – to use USB devices to compromise both individuals and entire networks. Most of us don’t ever think twice and generally accept these assorted, fun and useful little devices with gratitude as we walk from booth to booth at a trade show. But after this latest high-profile scare, it’s clear that we should all be mindful and more cautious the next time we are at a tradeshow or event and get that free USB memory stick, toy or fan. Your IT admin, and possibly your entire organization, will thank you for your care!
As a company whose products and services touch on different aspects of computer security in some form or another – for individual systems, sensitive data, and networks and data centers – AMI is very engaged with security topics. For this reason, our staff is generally very cautious about how we utilize portable storage devices and provide access to cloud-based file sharing services, for example, and have enacted company policies to keep our systems, data and networks safe and secure.
Thanks for reading! What did you think of today’s post? Feel free to leave us your thoughts in the comments section below, as well as suggestions on any other AMI products or related topics you would like us to spotlight in future blog posts, and thanks for reading today’s Tech Blog!