USB Flash Drive Malware: How It Works & How to Protect Against It

From the University of Illinois to Iran (and everywhere in-between), USB flash drive malware is a serious risk

Back in 2016, researchers from the University of Illinois left nearly 300 unmarked USB flash drives in and around the University campus to see how people reacted to them. All in all, 98% of the dropped devices were found by students and staff, and the study found that at least half of these were plugged into a host device to try to access the content.

For a hacker trying to contaminate a computer network, those statistics are pretty much a slam dunk and paints a picture of how careless we can be with our USB devices.

Let’s hash it out.

A History of USB Drive Malware

USB drives have been around for over 20 years, offering users a convenient method to store and move files between computers that aren’t digitally connected to each other.

Natanz nuclear facility, the target of the Stuxnet USB malware attack.

Cyber threat actors have routinely abused this capability with the most famous example being the ‘world’s first digital weapon,’ the Stuxnet worm first discovered back in 2010, which used USB devices to attack the network of an Iranian nuclear facility.

Although USBs are still frequently used, cloud services of today, such as Dropbox and Google Drive, have taken on much of the responsibility when it comes to file storage and transfer, and there is a greater understanding of the security risk that can be posed by USB devices. Millions of USB devices are still designed, produced and sold each year with many used at home and at work (they’re also still a very popular item during promotional giveaways).

In 2017, a Kaspersky Lab data study revealed that every year around one in four USB users across the globe are affected by a ‘local’ cyber incident. This can refer to breaches that result from viruses that are present on the user’s computer or are introduced by infected removable media.

The USB Malware Security Challenge

USB drives continue to pose a big challenge
when it comes to information security for both consumers and businesses.

Although tactics to block threats of a
malicious nature from USB drives have been around almost as long as the drives
themselves and the danger of contracting a malware infection is widely
understood, USB malware attacks are still occurring.

Why? People continue to plug USB drives
into computer systems that are unprotected, so they’re making it easy for
cybercriminals to penetrate their data.

No matter the various safeguards available,
the fact remains that there will always be a considerable percentage of devices
that aren’t running antivirus software, not set up to scan USB drives, or not
set to disallow autorun.

This means that an infected flash drive
plugged into an unprotected device could instantly infect it and spread the
virus through any network it’s attached to.

How Do USB Devices Get Infected with Malware?

It’s possible to come across both
unintentional and intentional infection. The Stuxnet worm is an example of the
latter, where someone uploads malicious code onto the drive with the intention
of filtering the code into the targeted network.

Unintentional infection might occur when
someone plugs an unprotected USB into a poorly safeguarded system in an
internet café, airport or anywhere with poor
public endpoint security (which is about 70% of places)
. You may detect the
virus sometime after you’ve plugged the device into your machine, but there’s
no telling what damage may have already been done.

How to Protect Your USB Device

If you’re using a USB drive to transfer
files across several host devices, it can make you vulnerable to malware – and
you can never be too careful when it comes to USB security, particularly if
you’re handling sensitive data.

Contracting a virus can take a matter of
seconds from the moment you plug the device into the host network. Whether you
contract ransomware, which locks down your entire system, or silent malware
that infects your machine quietly, it could do huge damage by the time you’ve
noticed it.

Unfortunately, USB flash drive malware
doesn’t work like an email virus (which requires you to click on something),
all it takes is plugging an infected USB into a machine. 

Having said that, there are several
different methods that you can use to ensure that your data isn’t exposed and
about to fall into the wrong hands.

How to Defeat USB Drive Malware: Software Security

Write Protectors

If your USB drive doesn’t include a
hardware switch for write protection, then you should be using a software write
protector, such as USB Write
Protect 2.0
. A software write protector will effectively prevent any data
from being deleted as well as protect the device from malware being written
onto your drive.

USB Anti-Virus

If you have write protection enabled, there
is still a possibility of contracting a virus when you go to transfer files, so
it makes sense to use a decent USB anti-virus such as ClamWin.


If you’re looking to protect your privacy by securing your data, you could install an encryption program like VeraCrypt or BitLocker to Windows for password protection on your USB device.

This means that even if someone has access
to your device, it will make it much harder for them to retrieve sensitive
information or hide malicious files inside your existing files and folders.

Protect Your Host Device

If your device is unintentionally infected,
you probably won’t know about it immediately. The best thing to do is to
protect yourself from the outset by installing software that will inform you if
your removable device is infected with malicious malware.

will protect your computer from third-party programmes introduced
from a USB device by running in the background and informing you of suspicious

How to Defeat USB Drive Malware: Hardware Security

Image via

Keypad Flash Drive

Some flash drives are available with a
keypad that allows you to create a unique password, which will physically lock the
device (like a padlock). You’ll simply need to enter the unique password to
access your device.  


Flash drives, such as Ironkey,
will ‘self-destruct’ if the password is entered incorrectly too many times.
There are also some flash drives which are configured to delete files after a
certain period.

Hardware Encryption

If you need to transfer serious data onto a
flash drive, you could opt for a flash drive with 128-bit AES hardware
encryption. Hardware encryption is often considered a better option than
software encryption since it doesn’t carry the same risk of getting


Stopping USB drive malware is important for individuals and for organizations. USB devices are still very much part of our everyday lives at work and at home, despite the emergence of Dropbox and Google Drive. However, unless we learn to protect the information we have stored on our USB devices, we’re guilty of making things much easier for those who wish to misuse our data.

Email Security Best Practices - 2019 Edition

Don’t Get Breached

91% of cyber attacks start with an email. 60% of SMBs are out of business within six months of a data breach. Not securing your email is like leaving the front door open for hackers.

*** This is a Security Bloggers Network syndicated blog from Hashed Out by The SSL Store™ authored by Richard Lecount. Read the original post at: