The old adage (is there any other kind?) that curiosity killed the cat also applies to cybersecurity. The Multi-State Information and Analysis Center, a federal cybersecurity agency has issued an unusual warning about CDs with malware apparently being sent by regular mail to various governmental agencies accompanied by a rambling message containing occasional Mandarin language. Various state historical societies, state archives and other governmental agencies have received these communications. Anyone out of curiosity inserting the CD into his or her computer would download dangerous malware. The MS-ISAC did not indicate in its warning whether or not anyone at the targeted agencies had installed the CDs, but previous cybersecurity tests by the Department of Homeland Security in which it left CDs and USB portable thumb drives in parking lots of government buildings resulted in employees picking up and inserting the CDs and USB portable thumb drives into their work computers 60% of the time and if the CD or USB portable thumb drive carried the American Eagle logo, this figure went up to 90%.
TIPS
The lesson here is quite clear. Never insert a CD or USB portable thumb drive into your computer, tablet or any other electronic device unless you are absolutely sure that it is legitimate. Even if you are using the most up to date security software and have kept that software updated with the latest security patches, you will not be protected from the latest zero day defects which are malware for which no security patch has yet been devised. It takes at least a month from the time a new strain of malware is discovered for a security patch to be created.
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and click on the tab that states “Sign up for this blog.”