A Reminder about Physical Security
A few weeks ago, we were given a stark reminder about the importance of physical security. A woman was arrested in March after attempting to enter Mar-a-Lago, the president’s private golf club in Florida. She was found with a USB drive containing malware, along with four cell phones, a laptop and a hard drive. A search of her hotel room turned up nine more USB drives and five SIM cards.
Initial reports of the incident noted that a Secret Service agent placed one of the suspicious USB drives into his computer. According to Business Insider, the agent “testified…that he put the thumb drive into his own computer and it began installing files in a ‘very out-of-the-ordinary’ way. He quickly stopped his analysis of the drive.” It is shocking to think that the Secret Service is unaware of what we consider to be cyber security 101: never connect unknown devices to the network.
Days later the Secret Service did push back on the notion that their agent was incompetent or that they do not know how to properly handle cyber threats. A spokesperson stated, “Assertions that U.S. Secret Service agents are incompetent to carry out forensic examinations on digital media (ie thumbdrives, laptops, cellphones, etc.) is outlandish and not rooted in fact. Secret Service forensic examinations are conducted on standalone computers, equipped with specialized forensic software, which are not connected to Secret Service networks.”
It’s a relief to hear that the Secret Service has the necessary plans and equipment to safely analyze cyber threats. This story is a great reminder that cyber threats come in multiple forms and that we must stay vigilant.
What To Do If You Encounter Suspicious Hardware
Say you find a flash drive in the parking lot of your workplace. What would you do? Walk by it? Pick it up? Plug it into your workstation or home computer?
If you find a USB drive or other hardware at work, turn it in to your IT help desk. They will likely have a procedure, much like the one the Secret Service spokesperson described above, to scan it and determine the owner. If you find unlabeled equipment elsewhere and there is no front desk or lost and found, leave it alone or throw it out! NEVER connect it to your work network or your home PC.
On the other side of the coin, if you own portable hardware (e.g., a USB drive or removable hard drive), label it with your contact information. This way, if it’s lost, someone can contact you without engaging in risky behavior, and it’s much more likely you’ll get your equipment back.