USB devices have been ubiquitous today because of their flexibility and convenience. You can do a ton of things with these devices such as accessing your wireless networks, connecting a wireless keyboard and mouse, storing files and folders, installing software, and more.
An important part of these USB drives is the firmware that comes with them. A firmware is a type of computer program that allows you to perform functions based on the purpose of your USB drive. For example, if you have a USB drive for accessing wireless networks, then the firmware enables this functionality.
Most times, the firmware is proprietary, and this is what makes these programs potentially dangerous as you have no control over what's coded in the firmware. It's always possible for malicious actors to have a virus or malware included with the firmware, so the same gets installed as soon as you plug a USB drive into your system.
If this scares you or if you've been in this unfortunate situation before, read on as we tell you some practical tips to protect your USB firmware from viruses.
Be Cautious of USB Drives
As a user, the onus is on you to protect your device from any malicious software. When it comes to USB drives, stay away from the ones that have a dubious source. For example, malicious actors tend to leave infected USB devices in public places like parks and city buses. Unsuspecting and curious users tend to take these USB drives and plug them into their devices hoping to find something interesting. But alas, this only infects their system and makes them vulnerable to the viruses and malware installed in them.
While this may seem strange and unbelievable, it's more common than you'd imagine. In short, stay away from USB drives found in public places. Also, avoid buying second-hand drives online. Buy only new ones from the store or use the drives of your known friends and relatives if you must. Always approach these drives with caution, and this can protect your device from viruses.
The Windows operating system, by default, will auto-run the firmware of plugged-in USB devices. Make sure to disable this auto-installation, so you can check what the program is before it's executed on your system.
Follow the below steps to disable auto-installation on your Windows system. Please note that these steps are for Windows 10 operating system, so make the necessary changes based on your OS version.
Open System Settings
Before you plug in a USB drive, press the Windows key + X. From the menu, choose “System”. On the right-hand side, look for an option called “Advanced System Settings” and click that.
This opens a new dialog box called “System Properties”.
Navigate to Device Driver Installation
1. In the dialog box, click the “Hardware” tab.
2. Next, click the “Device Installation Settings” button. This will display the Device installation settings dialog box; choose the “No” radio button.
3. Click “Save Changes” and this will stop Windows from automatically executing the firmware from your USB device.
Installing a USB Drive
- To install the firmware from a newly bought or known USB drive, go to Control Panel and click on Devices and Printer.
- In the new window, click “Add a Device.” Your computer will then look for new devices and will list them. Select the device you want to install and click “Next” to install it.
Updating the Drivers
Sometimes, you may want to update the drivers of existing devices. Since you have disabled auto-installation, you'll have to do this manually.
To do this,
- Press Windows key + X and select “Device Manager”.
- From the device tree on your left, select the device you want to update.
- Right-click the device and select “Update Driver”.
- A file dialog box will open and browse here to find the driver software.
- Click “Next” to start the installation.
This is how you can disable auto-installation on Windows and run only those programs you trust.
Protect your USB Devices
If you find yourself frequently sharing your USB drives with friends and colleagues, you may want to encrypt your sensitive information, so no one can access it. Likewise, you can also encrypt access, so that no one can modify the firmware to infect your computer.
Some USB drives also allow you to use a password to protect the USB's hardware. Again, this will ensure that the firmware is not modified to include viruses.
Use Data Loss Prevention Tools
One of the easiest and the most convenient ways to protect your USB firmware from viruses is to use Data Loss Prevention (DLP) tools that come with advanced capabilities to identify malware and protect your device from them. As the name suggests, these tools also prevent data loss through theft and accidents.
The other advantage of these tools is that you have complete control over what software is installed. The central dashboard displays all the installed software and you can even tweak the configuration settings to have control over future installations. In other words, you must explicitly approve installations, and nothing will happen automatically.
From an organization's standpoint, it's highly beneficial as these tools reduce the chances of insider threats. Employees cannot copy or send confidential information through USB devices when you have DLP tools installed in your network. Undoubtedly, these tools offer extra protection against malicious firmware, and hence must be an important part of your security strategy.
These DLP tools help with meeting regulatory compliance and also, generate advanced reports to provide the necessary insights for decision-making. Due to these reasons, DLP tools are well-used across many industries today.
This demand for DLP tools because of their huge benefits has led to an explosion in this market, which means there are many tools available in the market today. While the exact choice depends on your organization's infrastructure and the goals you're looking to achieve, here are some of the best ones available in the market today.
- ManageEngine Endpoint DLP Plus A package to identify and protect sensitive data that includes USB device controls. This prevents software from running on USBs or copying onto an endpoint. There aren’t any controls to prevent malware from moving onto a USB device but it should be assumed that all of the business’s endpoints are malware free, thanks to effective antivirus systems. The package focuses on the movement of files onto USB devices and it can also block all devices from attaching by default with an option to create an allowlist. Runs on Windows Server. Get a 30-day free trial.
- Forcepoint DLP An advanced tool that protects organizations from data leaks and loss through endpoint devices such as removable USB drives, mobile devices, and even email clients and applications. Further, it supports encryption of USB drives to ensure that no one can tamper with the firmware. It also supports the content analysis and blocking of USB drives based on the organization's security policies. It even comes with an analytics engine to rank high-risk incidents.
- CoSoSys Endpoint Protector An enterprise DLP tool that monitors and protects your organization's sensitive data. It also provides extensive control for IT admins over the use of endpoint devices like USB drives, so it's easy to know which USB drive. Such control ensures that employees don't infect systems with malware through USB drives. Also, it supports blocking, port locking, and encryption to keep your USB drives safe. Needless to say, it also helps your organization to meet regulatory compliance.
- NinjaOne A unified platform for handling all your IT operations in a single place. It monitors every endpoint, including USB devices, to ensure that there are no security vulnerabilities by using them. Its centralized dashboard provides complete visibility of all the endpoints, and this can greatly bring down the chances of insider threats. Moreover, NinjaOne is cloud-based, so works well across any network and platform. It boosts efficiency and automation, along with compliance with leading industry standards.
- SecureTrust DLP Takes proactive steps to protect your network from malicious USB devices. It proactively assesses the security risks and vulnerabilities associated with any USB drive and sends notifications of these risks as soon as they are detected. In addition, SecureTrust constantly monitors your network and endpoints to identify security weaknesses, so they can be fixed at the earliest. Plus, it also ensures compliance with industry standards. Its advanced reporting features are another salient aspect of this platform.
In all, these are some ways to protect your USB firmware from viruses. In particular, using DLP tools is considered a prudent security strategy as these tools provide comprehensive protection from security vulnerabilities emanating through USB devices.
To conclude, USB devices are popular because of their portability and versatility, and hence, are used for storing, accessing networks, installing software, and more. However, these USB devices come with firmware and you must install it in your system for the USB drive to function. Sometimes, malicious actors use this firmware to their advantage and include viruses and malware that also get installed automatically on your device and infect it.
To protect your USB firmware from viruses, we have listed a few tips and tricks such as disabling auto-installation on your devices, avoiding unknown USB drives, and using Data Loss Prevention (DLP) tools. Out of these strategies, using DLP tools is the most effective as you get other benefits also such as compliance, prevention of insider threats, and more.
However, choosing a DLP tool is not easy and this is why we have listed some of the best ones in terms of their popularity, capabilities, and effectiveness in protecting your device. We hope this information saves you from a potential virus attack through an infected USB drive.
For more informative articles and in-depth guides, check out our website.