Pull the plug

USB drive and computer

It might sound like a plot from a spy movie, but free flash drives or similar USB gadgets obtained at conferences could pose cybersecurity risks if you plug them into Postal Service computers.

Don’t Plug In,” a new CyberSafe at USPS video on Blue, shows what could happen when employees plug personal devices into postal computers.

Cybercriminals often load malware onto seemingly innocuous USB devices to con users into compromising computer equipment and networks in order to steal information.

For example, Russian agents once sold malicious USB flash drives in retail kiosks near NATO headquarters in Kabul to gain access to classified information.

To protect Postal Service computers, follow these tips:

• Only plug USPS-approved devices into postal equipment. A list of approved devices is available on Blue.

• Avoid plugging your personal or USPS phone into USB chargers at events, conferences or airports. Use wall outlets in approved areas to charge devices.

• Notify a supervisor immediately if you see an unauthorized device plugged into a USB port.

To report a cybersecurity incident, send an email to CyberSafe@usps.gov or call 877-876-2455.

The CyberSafe at USPS sites on Blue and LiteBlue and USPSCyberSafe.com have more information.