We at the IT Watch Blog appreciate irony as much as the next guy, but IBM’s recent faux pas might be pushing it. The AusCERT conference boasts that it is the “premier IT security event for IT security professionals and anyone with an interest in IT security.” Maybe so, but that doesn’t mean conference-goers are immune from USB drives infected with malware, especially not when IBM’s handing them out. Soon after the conference, IBM sent out an email informing conference-goers of the possible infection of every USB drive it distributed. Almost a week later, Sophos has confirmed that the drives contained two worms: W32/LibHack-A and W32/Agent-FWF. The malware affects Windows systems via AutoRun and AutoPlay as soon as the device is plugged in.
If you’re not learning, you’re not living, and it seems malware à la USB is a lesson worth relearning. McAfee’s quarterly threat report [PDF] listed “generic removable-device malware” as number one of the Worldwide Top 5 Malware. Aside from USB drives (thumb drives to some) earning the superlative for Most Popular, AutoRun malware stood its ground, claiming two of the top five spots.
So what does this mean for your company? Sophos’ Graham Cluley notes that “more organizations are looking to control access to USB ports.” Whether you’re protecting against incoming attacks or outgoing sensitive information, removable storage should always be used with caution.