Caution – Free USB Drives

Caution-Free USB Drives

While attending a recent technology conference in Florida, we were somewhat shocked, bewildered and concerned by the sight of rather plain cardboard boxes positioned near the entrance to the conference tradeshow floor (pictured below) – offering Free USB drives.


The boxes were empty and USB drives are a common giveaway item at tradeshows. However, we couldn’t help but wonder if those who helped themselves to a free drive – had considered the possibility that these drives were loaded with PC crippling malware.

Unfortunately, no one has claimed responsibility and we have no way of knowing if the offer of these drives was simply an act of generosity, a social experiment or a malware trap.

However, our good friends at CompTIA recently published findings of a experiment with striking similarities:

CompTIA Cyber Secure:A Look at Employee Cybersecurity Habits in the Workplace

“Nearly one in five people who found a random USB stick in a public setting proceeded to use the drive in ways that posed cybersecurity risks to their personal devices and information and potentially, that of their employer, a recent experiment conducted on behalf of CompTIA, the IT industry association, revealed.”

“In the experiment, 200 unbranded USB flash drives were left in high-traffic, public locations in Chicago, Cleveland, San Francisco and Washington, D.C. In about one in five instances, the flash drives were picked up and plugged into a device. Users then proceeded to engage in several potentially risky behaviors: opening text files, clicking on unfamiliar web links or sending messages to a listed email address.”

“Notably, consumers’ technology literacy was not a determining factor for whether a USB stick was picked up or not.

Read more on the CompTIA social experiment here:

More on this Topic:

Find a flash drive, pick it up: Study highlights poor city security habits | By Charlie Osborne for Zero Day

Social Experiment Highlights Abysmal Security Hygiene | Tara Seals US/North America News Reporter, Infosecurity Magazine

Criminals push malware by ‘losing’ USB sticks in parking lots By Emil Protalinski for Zero Day | July 11, 2012

Found thumb drives: another way employees are a security menace | By Henry Kenyon | Jun 30, 2011

Human Errors Fuel Hacking as Test Shows Nothing Stops Idiocy | Cliff Edwards, Olga Kharif and Michael Riley | June 27, 2011

 1,227 total views,  2 views today

(Visited 1 times, 1 visits today)

9 thoughts on “Caution – Free USB Drives”

  1. Jim Glennaalann did i say i found "a lot"? those words weren't anywhere in my post so i did not say such a thing. i have found a few and did indeed destroy them. nice try you trolling plonker.

  2. If a box was left as seen in the picture then security at the
    conference was non-existent and in these times unforgivable.

  3. If you have a Windows PC, hold done the shift key when you insert the drive until it is recognized, it prevents any auto-run. Then do a full format. Wouldn’t that also prevent any infection?

  4. when i find one, i destroy it and pray that whoever dropped it was wise enough to back up their files. sure, it may sound cruel at first glance, but when you think about the possibility that it may be a trojan horse, ignoring it in hopes that its owner will return may just be putting someone else's security at risk. because you never know who's gonna come behind you at some point and pick it up, thinking they just scored. especially if it's of substantial storage size!

Leave a Comment

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.