Why Removable Media Still Matters in Cybersecurity

Removable media has been part of computing for decades, from floppy disks to the USB drives still used today. While many organisations now rely on cloud storage and network-based tools, physical devices have not disappeared.

In sectors where connectivity is limited or security controls are strict, they remain a practical way to move data. With that continued use comes risk.

Why organisations still rely on removable media

Despite the rise of online storage, there are clear reasons why USB drives, DVDs, and portable hard disks are still in circulation. Air-gapped networks, which are deliberately kept offline, often depend on them for software updates or transferring data.

Contractors may use them to deliver files on-site, engineers may rely on them to install patches, and employees may carry them for convenience.

In industries such as defence, healthcare, and energy, the need for offline transfers is not just a matter of habit but a requirement. These devices are simple, portable, and familiar, which makes them unlikely to vanish completely.

Risks linked to removable media

The convenience of removable media also makes it a common source of problems. Malware can be placed on a USB drive without the user’s knowledge, activating when it is connected to a secure system.

The Stuxnet attack, which spread through infected USB devices, remains one of the most widely discussed examples of how damaging this vector can be.

There are other risks as well. Lost or stolen drives may contain sensitive files. Some attacks exploit the firmware of USB devices, allowing them to disguise themselves as trusted peripherals.

Human behaviour is also a factor, such as using personal devices for work or plugging in a drive found on-site.

Examples of real-world impact

The impact of these risks is not theoretical. Manufacturers have reported production stoppages caused by infected devices introduced by third-party contractors.

In shipping, malware on USB drives has disrupted systems on board vessels with limited connectivity. Even office environments have been affected when staff connected personal devices to corporate networks.

The financial and operational consequences can be significant. Malware outbreaks have halted logistics operations, disrupted supply chains, and in some cases compromised sensitive research data.

For organisations managing critical services, the stakes extend beyond business impact to national security and public safety.

Maritime cybersecurity and offline threats

The maritime sector highlights how removable media continues to matter. Ships often operate for long periods without a stable internet connection, making offline file transfers unavoidable.

Crew members, contractors, and suppliers frequently move data in and out using portable devices. This makes vessels and ports potential targets for malware that can spread quietly and cause disruption at sea.

The International Maritime Organization (IMO) has issued guidance stressing the importance of managing cyber risks in shipping. Companies are expected to treat removable media as part of that risk picture, applying controls and procedures to limit exposure.

Practical steps range from training crews to the use of dedicated scanning systems. More information on sector-specific approaches is available in this resource on maritime cybersecurity.

Reducing the risks

For organisations in any sector, a clear policy is the starting point. Staff should know when removable media can be used, under what conditions, and what checks are required.

Encryption can protect sensitive data if a device is lost. Technical solutions such as scanning stations or endpoint controls can add a further layer of protection.

Training remains essential. Employees and contractors must understand the dangers of using unverified devices or transferring data outside approved processes.

Practical examples help reinforce this: an engineer who knows that plugging in a personal drive could halt production is less likely to take shortcuts.

Conclusion

Removable media may not dominate the way we move information, but it has not disappeared. In many workplaces, from industrial plants to shipping lanes, it remains a necessary tool.

Ignoring the risks it poses leaves a gap in cybersecurity planning that attackers can exploit. Clear policies, technical safeguards, and regular training reduce those risks and keep essential operations secure.