December 08, 2011, 1:08 PM — Stop crying about that flash drive you lost
Analysts from Sophos did something interesting in Australia recently: They went to the Sydney train station and took away three big bags of USB flash drives left by riders on commuter trains into and out of Sydney.
They returned the lost thumb drives to lost and found, but not without pulling out a sample of 50 to see how secure the drives were, how sensitive the data and how likely it would be that someone who randomly picked up a lost thumb drive could end up with hyper-valuable insider information.
What the Sophos researchers found was malware on two-thirds of the drives. What they didn't find were passwords.
Of the 50 drives they analyzed, ranging from 256 MB to 8GB in size, 66 percent were infected with at least one form of malware; many were infected with more than one. None was encrypted or protected by even a password to keep their data from being stolen.
Most surprisingly, seven of the 33 infected drives either belonged to MacOSX users or had been used with Macintosh computers primarily.
That shoots down the assumption Windows users may have that data or data-storage media from Apple users are safe, or at least less likely to be infected than the same kind of storage from a Windows user according to Paul Ducklin, Sophos' head of technology in the Asia/Pacific region.
None of the drives held critically sensitive data, though many did have personal data on the drive owners and on their family and friends.
Most of the malware was the kind commonly found in spam email and other malware-infection vectors. None looked as if they'd been planted deliberately to spread the malware.
All looked as if the owners just didn't care enough about the USB drives, the data on them or the likelihood of carrying viruses around with them to scan the drives for malware, encrypt stored files or even put on a password to keep out the most casual attempts at intrusion.
"Sadly, I think the malware prevalence tells a simple story of poor PC hygiene," Ducklin concluded.
The result probably won't teach a lesson to those whose USB storage handling is a little unclean.