Trump and Kim USB fan raises cyber-security alert

USB fan and Kim Jong-Un CD Trump and Kim USB fan raises cyber-security alert Trump and Kim USB fan raises cyber-security alert 4422fc9015
Image caption The gift pack included a USB fan and a CD illustrated with the face of the North Korean leader

Cyber-security experts have expressed surprise that journalists at the summit between US President Donald Trump and North Korean leader Kim Jong-Un in Singapore were given USB-powered fans.

Some warned reporters not to plug them in to their laptops, as USB devices can carry malware.

The fans were part of a gift bag including a branded water bottle and a local guidebook.

Temperatures reached 33C in Singapore during the meeting.

Dutch journalist Harald Doornbos tweeted a picture of the fan.

Skip Twitter post by @HaraldDoornbos

13/ Handig. In de persmap voor de #KimTrumpSummit zit een mini usb fan. Handig om koel te blijven tijdens het schrijven. Het is hier in Singapore idd vrij heet. 33°C of zo. Maar haalt het niet bij Dubai, koning van de oven.

— Harald Doornbos (@HaraldDoornbos) June 10, 2018

End of Twitter post by @HaraldDoornbos

The tweet reads: “Handy. In the press kit for the #KimTrumpSummit, there is a mini USB fan – convenient to stay cool while writing. It is pretty hot here in Singapore, 33C or so. But it does not reach Dubai, king of the oven.”

But cyber-security expert Prof Alan Woodward, from Surrey University, said: “For years now, engineering people to plug in a USB stick you supplied has been a classic way of circumventing security measures to get your software on their machine.

“There’s an adage in cyber-security: if you give someone physical access to your computer, it’s no longer your computer. Use an unknown USB stick and you are doing just that.”

The gift packs were assembled by the Singapore state company which manages the island of Sentosa where the summit took place.

North Korea has been blamed for a number of cyber-security incidents, including the release of the Wannacry ransomware that struck the NHS in 2017.

The state has denied responsibility.

Skip Twitter post by @bartongellman

Maybe the fan is just a fan. Bad bet, though. I should probably add: if you did plug it in you’re human. Malware authors abuse the instinct to trust. Until someone competent has a look, I recommend you power down your machine if you can and change passwords with a clean device.

— Barton Gellman (@bartongellman) June 11, 2018

End of Twitter post by @bartongellman

Original Source