You don’t have to be [healthily] paranoid about privacy and data breaches nor a binge-watching fan of the show Mr. Robot to understand the importance of actively defending your law firm from cyber attacks. The movies and old-guard television shows might have you thinking that an attack on your sensitive data is carried out by a focused and concerted effort against you specifically by a hooded figure clacking at his keyboard in a dark room somewhere.
Unless you’re a high profile target this is most likely not the case. Does that mean you are safe from cyber attacks in general? Absolutely not. More scary is the automatic processes constantly running and spreading in a mass collection of data and resource highjacking.
In this article, we are going to discuss how flash drives can work against you in the fight to safeguard your law firm and your clients’ most sensitive information.
Dangers Of The “Free” Flash Drive
Flash drives are incredibly cheap. Just do a google search and see all of the opportunities to buy promotional flash drives in bulk with a logo of your choosing. This is great for corporate gift bags and promotional swag, but it’s also amazing for a potential attacker. As digital storage decreases in price and increases in capacity, attackers can find easy avenues to purchasing hundreds of cheap flash drives with “official” looking logos to run their malicious codes against you.
What an attacker will do is take these infected flash drives and scatter them around business parks, corporate centers, and within offices themselves in hopes that you and I will be stoked on finding a “free” flash drive to print off that report or easily transfer those court documents. This is when the virus gets to work.
Once the drive is mounted to your computer, the virus copies itself throughout your system and can even access the internet to download more malicious code to your computer.
You are now running an infected computer behind your once safely guarded network. The danger isn’t just confined to this single point of infection. That computer now acts as hub to infect others. Imagine taking a clean flash drive/portable storage and plugging it into that compromised computer running a self-replicating malicious code.
That code seeks out other portable storage devices and hitches a ride.
This means once your clean drive is mounted you become a carrier for that virus and spread an infected flash drive to every computer you plug into.
Stuxnet, Air Gapped Computers, And Digital Vaults
This method of flash drive seeking viruses is so effective in infecting systems it is even a threat to air-gapped systems. “An air-gapped computer is one that is neither connected to the internet nor connected to other systems that are connected to the internet.” - wired
The purpose of an air gap computer is to limit its exposure in the case of providing extra security such as military and payment networks. Think of it as a digital vault for information that needs to stay private. There are no ways to access it remotely. You physically have to be in contact with it in order to retrieve or add information.
Although this is a big help in safeguarding data, it’s not always sufficient in protecting against malicious code lurking on flash drives.
Removable storage devices, such as your flash drive, can attack air-gapped computers in much the same way as any other computer. Because this attack relies on people to spread, it does not require the internet in order to infect a computer in the first place. Referring back to our scenario, imagine taking your once “clean” hard drive (recently infected by plugging into that infected computer) and plugging it into an air-gapped computer.
A bit of malicious code that is designed to attack these kinds of computers can replicate itself onto that air-gapped computer and start collecting information. The next time a portable drive is mounted to it, the code replicates to the new drive along with the information it has collected. Now, all it takes is for the new drive(s) to be plugged into a computer with internet access and it can upload all of its data to a remote server controlled by the attacker.
What’s more is air-gapped systems tend to operate as more than just digital vaults. They can be anything including the central nervous system for actual physical machinery. This harkens back to the Stuxnet virus successfully spread to an air-gapped system via USB in cyber warfare against Iran, and responsible for hijacking the controls of uranium centrifuges spinning them into oblivion - causing real, physical damage, and explosions.
The Risk Of A Virus-Free Flash Drive
A major issue with flash drives and one of the most obvious dangers of using flash drives in conjunction with highly sensitive data does not involve Stuxnet like viruses taking over your air gapped servers and holding your hostage, but a very human mistake. Just losing the flash drive.
The problem with using small, portable devices to carry and store sensitive materials is that information tends to stay on the device once you’re done with the drive. That sensitive data is easily duplicated, left on flash drives and misplaced for someone outside of your firm to find.
A Few Ways To Protect Your Law Firm From These Attacks
An immediate and obvious solution to protecting yourself against the harm that self-replicating, removable storage device seeking viruses present is to prevent them from being used on your computers. But is this realistic?
At first thought, this sounds unrealistic. For quick data transfer, flash drives are just too convenient. However, with free and secure cloud-based services such as that which the basic Gmail account provides, you can easily avoid using flash drives for sharing files between computers. You can share access and then restrict access to files within your google drive account, files under 25 megabytes that are uploaded to google drive are subsequently scanned for viruses. And all of your documents are immediately made available on the go from any smartphone. For easy printing, connecting to wifi enabled and networked printers removes the need to print from a removable storage device.
If flash drive abstinence is not a viable option for your law firm, there are other options. Opswat.com recommends a malware scanning kiosk. This is an air-gapped computer deployed in a centrally located area of your office place with the singular purpose of scanning flash drives for malware before you plug it into your computer.
Discovery Litigation Services Safeguards Your Case Documents and Videos
To achieve a balance between high security and convenience, the Discovery Litigation Services web-based platform makes it easy to safeguard sensitive materials while implementing flexible and quick access with easy sharing of essential court documents, transcripts, videos, and exhibits without the need of flash drives, without duplicating sensitive information. Just share a link and allow access to those individuals who need to access it.
