The arrest of a Chinese citizen carrying a malware-infected thumb drive at Mar-a-Lago is a reminder that digital threats don’t always arrive via email or complex hacks.
Sometimes they’re hand delivered.
When Yujing Zhang was arrested at President Trump’s Florida resort Saturday, she was carrying four cellphones, a laptop, an external hard drive and the thumb drive, which “a preliminary forensic investigation” determined contained malicious software, according to the criminal complaint filed in a federal court Monday.
It’s unclear so far why Zhang, who my colleagues Devlin Barrett and David Fahrenthold reported was charged with making false statements and entering a restricted area, was at the resort or what she planned to do with the thumb drive.
But her suspicious cargo serves as a reminder that sometimes even simple tricks can be incredibly effective at stealing information or disrupting data.
It also underscores the complexities of providing cybersecurity for a president who loves to visit his other properties.
Thumb drives remain a popular method for digital attacks because they get around common computer defenses that are more likely to trust something a person inserts directly into the computer. While secure sites such as the White House are likely well-protected against thumb drive attacks, Mar-a-Lago has to balance security with the convenience of a lot of guests who aren’t the president of the United States, notes Mark Rasch, a former federal computer crimes prosecutor.
“You’re only as secure as your weakest link,” Rasch told me.
Malware-infected thumb drives, or USB sticks, have done a lot of damage to the U.S. government before.
The worst digital attack against the Defense Department in history, code-named Buckshot Yankee, began with an infected thumb drive that somehow connected to a classified network and began sending data back to the group that installed the malware — possibly Russian intelligence agencies — as the Post reported back in 2011.
Source: Washington Post