There is no information in this report about what types of ‘removable media devices’ have been reported to be infected. This is not really a new issue; I recall reports of digital picture frames becoming infected at the manufacturer’s location when the quality control checks were done with an unprotected computer. Whether the devices being reported to US-CERT were deliberately or accidentally infected is not explained in this warning.
US-CERT recommends the implementing the following security practices:
• Disable autorun in Windows [see Microsoft knowledgebase article 967715].Please note that this warning did not come from DHS ICS-CERT so it did not include the caveat included in most ICS-CERT mitigation recommendations that administrators need to evaluate the potential impacts of the recommended mitigation measures on their particular systems prior to implementation.
• Maintain up-to-date antivirus software.
• Maintain up-to-date hardware, operating systems, and software by applying security patches, fixes, and updates.
• Perform virus scanning of the removable media devices prior to each use.
No comments:
Post a Comment