Thanks, ill bear these things in mind. It does puzzle me a bit.....why is it that USB sticks are such effective carriers for virus's?
They are not. An USB stick is not carrying malware any better than any other storage medium. By themselves they are just passive devices and do not offer any technical means to infect computers.
Historically the primary threat is running Windows. Microsoft thought it’s a great idea to allow removable media, like CDs and USB sticks, to be able to execute arbitrary commands upon insertion and refused to remove that vulnerability for 15 years. It may be turned off by the user, if they are aware of the risk, but only since Windows 7 it’s disabled by default. On top of that about a decade ago Explorer had a flaw, which allowed attackers to execute arbitrary code while icons of shortcut files were displayed,
(1) which led to a large number of high-profile attacks and remains an attack vector on outdated systems. It’s important to understand, that it’s not a problem of pendrives technology themselves: those were not part of either hardware or mass storage USB devices, but choices by a particular software vendor.
Aside from those special cases, any medium that is used to exchange data between computers is a likely transmission vector. In the past those were floppy disks. When pendrives replaced floppies, they also took the role of the infection spreader. Not because USB sticks are in any way more suitable for that purpose, but simply because users put them in any hole they can, copy files to many computers and do not observe basic security hygene. If someone visits 30 brothels a month, they shouldn’t be surprised if diagnosed with chlamydia. The idea is the same. If you think that people, who are not instinctively disgusted and threatened by someone asking them to run some program or disable a security feature, are naïve, there is one more level: people, who can put an USB stick they found on a street into their computer and even execute things from there without giving it a second thought. That has been used uncountable times to circumvent security measures in companies
(2) and is among the standard tests done by pentesters.
A third, less common threat arises from USB devices complexity. You have no way to determine, what you are putting into your USB port. It may look like an innocent pendrive, but it may present itself to the computer as a keyboard and send keystrokes to control the operating system. It may be a Bluetooth dongle with a built-in keylogger. It may exploit kernel-level vulnerabilities related to how those devices are handled. Or anything else. Those are rare, because other methods are cheaper and easier to conduct, but not unheard of. And, of course, there is also the good old USB Killer, which is harmless in comparison — it only kills the USB port or the computer.
But it should be clear: none of the above is caused by any technical aspect of pendrives themselves.
.....i mean, would i be reducing the chance of getting virus'd if i emailed the work computer files to my google drive from the work PC...and then downloaded it from there to my home laptop? (ie, avoid using a USB stick)
With 99.9% certainity: no. If you were in fact attacked by someone from your company, they didn’t use any sophisticated attacks, but relied on you yourself trusting the files and executing malware.
And suppose i have a virus'd USB stick...and i download all the files on it to my home laptop.....then the laptop will be virus'd...
Uhh… first of all, please stop using “virus’d”. It doesn’t make you sound cool. Quite opposite. In particular since computer viruses are extreme rarity. And no, by copying files you are not infected. Malware does not spread by being somewhere. Malware spreads by being run in some way. So you must consciously either run some program or use a file that exploits vulnerability in other program. Without that nothing happens. And no, USB stick itself is also not infected. It may at most contain malware, which is just normal files like any other file and just like any other file may be deleted.
(3)but presumably i can just re-install windows (whilst keeping the files there and not deleting them)...and then when ive re-installed windows, and removed the USB stick, then i will have all the files off the virus'd USB stick, and no virus on my laptop?
Assuming the malware is not spread beyond the operating system, you may wipe the drive and install a fresh copy of Windows. If you have restoration point set up in Windows, you may try using it — it’s likely it will also provide a clean version.
Assuming that files on that pendrive were the attack vector, it will stay clean until you will infect it again by using those files. The files are the problem, not the USB stick.
____
(1) This is probably the grain of truth on which that video was based.
(2) Which is why in many companies you can’t put anything into USB ports, as mentioned by someone above.
(3) For pedants: technically a pendrive itself could be infected, but that’s not seen in practice. And someone having such malware in their hands would not use it to learn what songs your are listening to.
Home
Help
Search
Login
Register
