The issue with USB-Sticks

16

September

2021

No ratings yet.

USB-Sticks are an extremely helpful data storage option. Everyone knows how to use them and many people use them on a regular basis. However, only few people realize that USB-Sticks are one of the easiest ways to attack an IT system and represent a major security flaw (Greenberg, 2014; Poitevin, 2019). 

Most people use USB-Sticks quite carelessly. They are easily lost and rarely encrypted.  Especially when used with private or commercial information this represents a huge security flaw: The friendly act of sharing your analysis with a colleague on a USB-Drive can backfire as soon as the wrong person gets access to this drive (Ponemon Institute, 2011). Also, the seemingly uncontrolled flow of information is a thorn in every IT department’s side. As a reaction, IBM started to ban USB drives from work and deactivated the USB ports of their computers (Ducklin, 2018). Increasingly, more companies are doing the same (Jacobson, 2019). 

What seems to be a radical step is an effective strategy. A major way to prevent sharing information with people who are not supposed to read it is to encrypt this information. However,  USB Sticks are rarely encrypted. To make USB-Drives an unattractive option to store data, they had to block them entirely. Besides, this also significantly reduces the risk for other attacks through compromised USB-cables (Ilascu, 2018).

However, there is a second, much bigger risk: Gifted or found USB-Sticks. A study by Tischer et al. (2016) found that 50 percent of people plug in USB drives that they find in public places like parking lots. It is outrageously easy to infect PCs with malware in this way. In 2012, parts of the Iranian nuclear weapons program were severely damaged by malware hiding on a USB stick. Stuxnet was introduced via an infected USB stick into the otherwise sealed-off system. Here, it ultimately caused the physical degradation of over 1000 machines (Hansel, 2011).

Accordingly, there are good reasons to stop using USB-Sticks. The best alternative for companies and individuals alike is to share files through a secure cloud system. What the case of USB-Sticks shows, however, is that we rarely understand the risks associated with the use of the gadgets we use every day. Luckily, technological advancements like secure cloud storage provide attractive alternatives. 

Sources: 

Ducklin, P. (2018, May 14). IBM bans USB drives – but will it work? Sophos. https://nakedsecurity.sophos.com/2018/05/11/ibm-bans-usb-drives-but-will-it-work/

Greenberg, A. (2014, July 31). Why the Security of USB Is Fundamentally Broken. Wired. https://www.wired.com/2014/07/usb-security/

Hansel, M. (2011). Stuxnet und die Sabotage des iranischen Atomprogramms: Ein neuer Kriegsschauplatz im Cyberspace? VS Verlag für Sozialwissenschaften. https://doi.org/10.1007/978-3-531-93299-6_47

Ilascu, I. (2018, August 21). USBHarpoon Is a BadUSB Attack with A Twist. BleepingComputer. https://www.bleepingcomputer.com/news/security/usbharpoon-is-a-badusb-attack-with-a-twist/

Jacobson, A. (2019, April 22). Should Companies Ban USBs? | Risk Management Monitor. Risk Management Monitor. https://www.riskmanagementmonitor.com/should-companies-ban-usbs/

Poitevin, V. (2019, August 21). Should companies ban USB devices? Stormshield. https://www.stormshield.com/news/a-future-without-usb-sticks/

Ponemon Institute. (2011, November). The State of USB Drive Security in Europe. https://media.kingston.com/pdfs/Ponemon/Ponemon_research_EMEA_summary_UK_1111.pdf

Tischer, M., Durumeric, Z., Foster, S., Duan, S., Mori, A., Bursztein, E., & Bailey, M. (2016). Users Really Do Plug in USB Drives They Find. 2016 IEEE Symposium on Security and Privacy. https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7546509

Please rate this

How Google affects your Brain

11

September

2021

No ratings yet.

In which year became Thomas Jefferson president of the United States of America? What is the atomic number of sulfur? Who composed the Soundtrack of Inception, and why do I still have zero matches on Tinder?! We have a lot of questions every day. And while we know the answer to some of these questions immediately (Hans Zimmer composed the Inception Soundtrack), for most questions, we have to do some research. However, no one goes to the library and reads a book to find an answer; we use Google. Few people doubt that Google made the lives of billions easier – but how does it affect your brain when the information you look for is always at your fingertips? 

No one knows everything. Considering how complex our world has become, it is just impossible to know it all. But that is not necessarily bad: Everyone knows someone that is good at something. If I need to change a tire on my car, I can probably ask my weird uncle Terry (whom I have not talked to in months) how to do it. When I want to create a new workout plan, I have friends who can provide me with the latest broscience. That way, I have a resource for many questions. Google, however, is different: It is effective, fast, and surprisingly accurate. Also, it is safe to say that Google has an answer to almost every question. At the very least, it provides you with the necessary information to answer it yourself. In that regard, Google is superior to every other form of information gathering. Usually, Google is even faster than the human meat computer. It is simply not worth remembering little things. Researchers call this phenomenon the „Google-Effect“ or „Digital Amnesia“ (Decker, 2015; Sparrow, 2011). However, that does not mean that Google makes us stupid. We don’t bother remembering information as we trust that Google can provide us with that information in less than a second (Siler, 2013). One study from Sparrow et al. (2011) found that people who did a Google Search had „lower rates of recall of the information“. However, a majority of participants could remember where they found the information. It seems that it becomes less relevant to recall information and more important where to find information. 

Google as a substitution (or extension) to the brain may sound worrying. But that is only one side of the coin. Richard Heersmink (2016) found that Digital Amnesia can have positive results by freeing up cognitive resources. That way, more resources become available for other cognitive tasks (Heersmink, 2016). Progress has always made people anxious. The concern about a deterioration of memory is also not new: Authors criticized televisions because they thought they would lead to an underdeveloped brain (Brdicka, 1997; Gentzkow & Shapiro, 2006; “Television: Does It Damage Your Child’s Brain?”, 1977). Of course, innovations – especially when they change our lives so radically – must first be carefully scrutinized. But neither Google nor the invention of the television has made people more forgetful. We do not stop thinking – we think about other things because the information is available at our fingertips.

Sources:

Brdicka, B. (1997). The influence of technology on the human mind. Charles University Prague Faculty of Education. http://it.pedf.cuni.cz/~bobr/hmind/

Decker, H. (2015). Die digitale Amnesie. Frankfurter Allgemeine Zeitung. Published. https://www.faz.net/aktuell/wirtschaft/netzwirtschaft/das-smartphone-macht-uns-laut-studien-vergesslicher-13847379.html

Gentzkow, M. A., & Shapiro, J. M. (2006). Does Television Rot Your Brain? New Evidence from the Coleman Study. SSRN Electronic Journal. Published. https://doi.org/10.2139/ssrn.862424

Heersmink, R. (2016). The Internet, Cognitive Enhancement, and the Values of Cognition. Minds and Machines, 26(4), 389–407. https://doi.org/10.1007/s11023-016-9404-3

Siler, J. (2013). Generation and the Google Effect: Transactive Memory System Preference Across Age. HIM 1990-2015. . Retrieved from https://stars.library.ucf.edu/honorstheses1990-2015/1510

Sparrow, B., Liu, J., & Wegner Daniel, M. (2011). Google Effects on Memory: Cognitive Consequences of Having Information at Our Fingertips. Science, 333(6043), 776-778. doi:10.1126/science.1207745

Television: does it damage your child’s brain? (1977). Media Asia, 4(1), 14. https://doi.org/10.1080/01296612.1977.11726948

Please rate this