Sophos:66% of lost USB sticks carry malware
Sophos is cautioning computer users over the careful use of USB memory sticks, following the results of a Sophos study into the contents of lost drives.
Sophos's Australian office conducted the experiment by purchasing a job-lot of found USB sticks from a lost property auction run by major transit authority in Sydney, 'RailCorp'.
The study revealed that two-thirds of the 50 tested USB sticks were infected with malware, and contained information about many of the former owners of the devices, their families, friends and colleagues. Files contained on the unprotected devices included tax documents, school and university assignments, AutoCAD drawings of work projects, photo albums of family and friends and software and web source code.
Disturbingly, none of the owners had used any sort of encryption to secure their files against unauthorised snoopers.
"It seems that commuters are not only losing their USB sticks, oblivious to the fact that they were carrying malware around in their pockets, but are also at risk of losing their identity and personal information through poor security," says Brett Myroff, CEO of Sophos distributor, NetXactics.
"Although this study was done in Sydney, Australia, there's no reason to believe that we wouldn't see a similar situation anywhere else for that matter. Computer users need to wake up to the threats, and take appropriate preventative steps."
Sophos advises computer users to encrypt all personal and business data before storing it on USB keys so that it cannot be accessed if devices are lost. “By running up-to-date anti-virus, even if you have a Mac as some of the USB sticks in the study were lost by Mac users, yet still contained PC malware, you can further prevent spreading malware and protect yourself when using shared USB drives.