Hey Secret Service: Don't Plug Suspect USB Sticks into Random Computers
I just noticed this bit from the incredibly weird story of the Chinese woman arrested at Mar-a-Lago:
Secret Service agent Samuel Ivanovich, who interviewed Zhang on the day of her arrest, testified at the hearing. He stated that when another agent put Zhang’s thumb drive into his computer, it immediately began to install files, a “very out-of-the-ordinary” event that he had never seen happen before during this kind of analysis. The agent had to immediately stop the analysis to halt any further corruption of his computer, Ivanovich testified. The analysis is ongoing but still inconclusive, he said.
This is what passes for forensics at the Secret Service? I expect better.
EDITED TO ADD (4/9): I know this post is peripherally related to Trump. I know some readers can’t help themselves from talking about broader issues surrounding Trump, Russia, and so on. Please do not comment to those posts. I will delete them as soon as I see them.
EDITED TO ADD (4/9): Ars Technica has more detail.
Kai • April 9, 2019 7:07 AM
What I’d like to know is what has been done with the secret service laptop? I hope it was immediately quarantined, investigated and either wiped or destroyed. Judging from the agent’s actions initially in actually plugging the USB drive in, I’m guessing he’s run a malware scan and pronounced it fit for use.
Not only has he risked infecting his machine (and potentially any other machine on the same network) but he’s also risked destroying evidence on the USB.
Amateur move.