Select Page

There are a number of different reasons that a company may choose to carry out a security assessment on their network, either to find out how secure it is and how easy it is for employees to carry information off the network. Another reason why companies may choose to carry out Penetration Testing is to determine how secure a particular device is. For instance, a USB flash drive may look like it can be a secure USB memory stick, but what if it is loaded with malware or has actually been loaded with malware? The drive is useless. However, with some simple Penetration Testing, a computer forensic specialist can uncover this fact and use it as a weapon against the company.

The most common type of testing that is carried out on thumb drives is called Symbolication. This involves deciphering the meaning of a series of binary symbols from a file. In the past, this used to require the use of a sophisticated deciphering program. However, with modern computer technology, this process is much easier and can be carried out even by a novice. As well as carrying out symbolization, other types of attacks can be carried out against a USB thumb drive, including data overwriting (which we will come across shortly) and active tracking.

Data overwriting involves taking a bootable USB thumb drive and formatting it, so that any existing data will be lost. While formatting will permanently delete any existing data, an attack which enables you to read the contents of a USB drive may not. Active tracking will allow you to discover whether or not a data file has been successfully overwritten. This is done using software which can determine whether the same data has been written to another drive or if the drive is truly empty. If the latter is true, then the software will return True and the overwritten data will be lost. You can then make the software stop and in doing so, you have effectively caused the drive to be “died” and you therefore do not have access to the previously stored data.

How Do You Use A Thumb Drive?

The last type of attack which will be used against a USB drive is what is known as malware (malicious software). This is very similar to viruses – in that, it will install a working application on your computer in order to trick you into opening infectious attachments, but the software has a more malicious goal in mind. These software tools will search through your entire computer, looking for various files which are associated with the latest versions of Windows. It then looks for codes within these files which have been added to the system via embedded drivers or registry keys.

Once the software has found these embedded keys, it copies itself to your system in the hope that somehow, by downloading and installing the tool, you will let it copy the data it needs. As it is very difficult to remove such software from your PC, you will need to work smarter not harder when it comes to how do you use a thumb drive. The more spyware (malware) resistant applications that you can run on your PC, the better off you’ll be. There is an application called “SpywareDoctor” which you can download for free from the internet to scan any potential infections with.

If you want to know how do you use a thumb drive and lose sensitive information, the best advice is to stay away from these drives unless you absolutely need to store the data on a device which is only available for a short period of time. If you absolutely must store information on such a device, use a trusted third party software program that will not cause more damage to your computer. This will also ensure that no adware (malware) programs will install on your PC as this kind of software will prevent such programs from working while on your PC.

Tags: how do you use a thumb drive, security assessment, offensive security, computer, web applications

Share and Enjoy !

Shares