What is Autorun?

Autorun is a feature of Windows operating systems that automatically executes code present on external devices when they are plugged into a PC.

How can it be exploited?

Types of external devices that can contain instructions for Autorun range from USB sticks and external hard drives to CD/DVD drives and smartphones. There are several ways in which Autorun can be exploited, but a common method used by cyber criminals takes advantage of human curiosity. There have been numerous examples of USB sticks left in public places and in the workplace that show people will pick these devices up and plug them into their computers to see what’s on them or who they belong to.

What sort of Malware can be delivered in this way?

There are many flavours of malware (malicious software) that exploit the Autorun feature to enter a computer and then spread themselves around it or around a network of computers. One example was a piece of malware called ‘Ssucll.A’.

Ssucll.A would make its way on to a user’s Android phone by masquerading as a legitimate application on the Google Play Store. Once installed, the malware could perform a range of unpleasant activities, one of which was the installation of autorun instructions that would take effect when the user plugged their phone into a computer.

Once connected to a computer that had Autorun enabled, the Android phone would act as a delivery system for the malware to write itself to the PC. At this point any number of malicious actions could be carried out without the user’s knowledge.

A notable example with the Ssucll.A malware was the recording and transmission of microphone audio from the infected PC back to the attacker’s server.

How can I check if my PC has autorun enabled?

There are many different versions of the Windows operating system. If you’re not sure which you have, or would like guidance on how to turn Autorun off, Microsoft have provided a thorough walkthrough here.
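For a quick manual check, the following read-only PowerShell script is an added example (not taken from Microsoft's walkthrough or from any Titania tool). It assumes the standard Windows policy value `NoDriveTypeAutoRun` under the `Policies\Explorer` registry key and reports, per drive type, whether AutoRun is switched off; the function name `Get-AutoRunPolicy` is hypothetical.

```powershell
# Added example: report the AutoRun policy (NoDriveTypeAutoRun) on this PC.
# Each set bit disables AutoRun for one drive type; 0xFF disables it for all.
# The script only reads the registry and changes nothing.
$driveTypeBits = [ordered]@{
    'Unknown drive types'      = 0x01
    'Removable drives'         = 0x04
    'Fixed drives'             = 0x08
    'Network drives'           = 0x10
    'CD/DVD drives'            = 0x20
    'RAM disks'                = 0x40
    'Reserved (unknown types)' = 0x80
}

function Get-AutoRunPolicy {
    param([string]$Hive)   # 'HKLM' (machine-wide) or 'HKCU' (current user)

    $path = "${Hive}:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer"
    $item = Get-ItemProperty -Path $path -Name NoDriveTypeAutoRun -ErrorAction SilentlyContinue
    if ($null -eq $item) {
        # Key or value absent: no explicit policy, so the OS default applies.
        Write-Output "$Hive : NoDriveTypeAutoRun not set (Windows default behaviour applies)"
        return
    }

    # Older systems may store the value as REG_BINARY; the first byte holds the mask.
    $raw   = $item.NoDriveTypeAutoRun
    $value = if ($raw -is [byte[]]) { [int]$raw[0] } else { [int]$raw }

    Write-Output ("{0} : NoDriveTypeAutoRun = 0x{1:X2}" -f $Hive, $value)
    foreach ($entry in $driveTypeBits.GetEnumerator()) {
        $state = if ($value -band $entry.Value) { 'disabled' } else { 'ENABLED' }
        Write-Output ("    {0,-26} AutoRun {1}" -f $entry.Key, $state)
    }
    if (($value -band 0xFF) -eq 0xFF) {
        Write-Output '    AutoRun is disabled for every drive type.'
    }
}

# A machine-wide (HKLM) setting takes precedence over the per-user (HKCU) one.
Get-AutoRunPolicy -Hive 'HKLM'
Get-AutoRunPolicy -Hive 'HKCU'
```

Any drive type reported as ENABLED, or a hive with no value set, is worth comparing against the Cyber Essentials recommendation to disable Autorun.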

The UK Government have outlined a series of basic technical steps users can take to protect themselves from cyber-attacks in the Cyber Essentials scheme here. One of the recommendations is to disable Autorun so that you have to manually approve any devices that connect to your PC.

Titania’s free Risk Assessment Tool will automatically check this for you and point you towards guidance to stay more secure, in line with Cyber Essentials.

If after you’ve used the Risk Assessment Tool you’d like to become even more secure, you can use our Paws Studio tool to help you do that. Check out a free trial of Paws Studio here.