Danger! UXB details lost on USB

Graham Cluley
Graham Cluley
@
@[email protected]
@gcluley

Danger UXB

Associated Press is reporting that a soldier has been convicted of negligence by a Swedish court, and fined 21,000 kronor (£1735) for losing a USB memory stick containing details of unexploded bombs in Afghanistan.

The 31-year-old soldier admitted leaving the USB flash drive, which contained classified information he had collected while serving as a peacekeeper in Afghanistan in 2006, in a Stockholm university computer. The data should have been handed back to authorities at the end of his mission, but the device was clearly still being used two years later.

The news comes at the same time as reports indicate that the US Army is cracking down on the use of USB storage devices. According to Wired, the commander of US Strategic Command has ordered the ban of all removable data storage devices, following defence networks being infected by the SillyFDC worm.

Sign up to our free newsletter.
Security news, advice, and tips.

There are many variants of the SillyFDC worm, which typically infect Windows PCs by spreading via USB drives, hunting for any removable device connected to the computer. The malware then downloads further code from the internet, opening the potential for identity theft or launching distributed denial-of-service attacks or spam campaigns.

I would recommend that computer users disable the autorun facility of Windows so removable devices such as USB keys and CD ROMs do not automatically launch when they are attached to a PC.

Any storage device which is attached to a computer should be checked for virus and other malware before use. Floppy disks, CD ROMs, USB keys, external hard drives and other devices are all capable of carrying malicious code which could infect the computers of innocent users.

Device control technology can help your company reduce the risk of data leakage and malware infection, by giving administrators control over removable
storage devices.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.