Dr. Simon Chin

How Are USBs Being Used by Criminals To Attack Your Company Data Systems?

Are USBs being targeted by cybercriminals to attack your data systems?

With businesses all over the world having shifted to the digital realm, a real need has arisen for strengthened cybersecurity. A cyberattack is a deliberate effort by a group or an individual to trespass into another organization’s information system. These attacks are harmful in nature, with the aim of causing damage or seeking benefit from the disruption they generate.

Many people think that just by blocking USB storage they are protecting themselves from USB risk, and this has caused organizations to have a big security gap in their environment.


Prevalence of USB cyber-attacks across the globe

According to the Identity Theft Resource Center, the number of data breaches last year exceeded that of 2020 by more than 68%. The record number of data compromises is 23% more than the previous record, set in 2017. Data events involving sensitive information, such as Social Security numbers, also rose from 80% in 2020 to 83% in 2021.

In particular, USBs or thumb drives are used by cybercriminals. Data from the Honeywell Industrial Cybersecurity’s USB Threat Report 2020 revealed that threats targeting operational tech systems nearly doubled (from 16% to 28%), whereas threats that could disrupt those systems increased from 26% to 59%.



How USB attacks work

In a USB drop attack, cybercriminals leave USBs for targets to find and later insert into their computers. At that point, any of the following mechanisms may be executed:
  • Malicious code. A user clicks on a file on the USB, triggering malicious code that activates automatically and is capable of downloading malware from the Internet.

  • Social engineering. A file in the drive redirects to a phishing site which gets the user to enter their log-in credentials.

  • Human interface device (HID) spoofing. The plugged-in USB makes the computer think a keyboard is attached, and then injects keystrokes commanding the computer to give the hacker remote access to the victim’s device.

Another type of hack is the “BadUSB” attack, in which the devices are sent through the post or mail. Previously, USBs were sent disguised as a COVID-19 warning message from the US Department of Health and Human Services or a gift card from Amazon.

“BadUSBs” enable the hacker to reprogram the thumb drive to imitate a keyboard, forming keystrokes and commands that direct the computer to install malware before the operating system has booted up.


What you should and should not do

With the prevalence of USB attacks, business owners and executives have to see to it that:
  • Employees don’t store sensitive data on USB drives

  • Sensitive information is protected via encryption or other safety features

  • Employees use separate flash drives for personal and office use

  • Policies are crafted and disseminated regarding what can and can’t be plugged into the company network

  • USB ports on sensitive computers are blocked

  • The types of USBs allowed on a computer are restricted

  • Security policies and patches are consistently updated
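
The gap described earlier (blocking USB storage does nothing about a drive that presents itself as a keyboard) and the advice to restrict the types of USBs allowed can be illustrated with a small policy check. This is an added example, not code from the original article: the vendor/product IDs, the allow-list and the device records are constructed, and only the interface class codes 0x03 (HID) and 0x08 (mass storage) are real USB values.

```python
# Added example: "block USB storage only" versus an interface-class allow-list.
# All device records and vendor/product IDs below are constructed sample data.

HID, MASS_STORAGE = 0x03, 0x08  # USB interface class codes

# Hypothetical allow-list: (vendor_id, product_id) -> interface classes that model may expose.
APPROVED = {
    (0x1111, 0x0001): {HID},           # constructed ID: company-issued keyboard
    (0x2222, 0x0002): {MASS_STORAGE},  # constructed ID: approved encrypted drive
}

def storage_block_only(device):
    """Weak policy: reject a device only if it exposes a mass-storage interface."""
    return MASS_STORAGE not in device["interfaces"]

def allow_list(device):
    """Stricter policy: known model that exposes nothing beyond its approved classes."""
    approved = APPROVED.get((device["vid"], device["pid"]))
    return approved is not None and set(device["interfaces"]) <= approved

def evaluate(devices):
    """Return {name: (allowed_by_weak_policy, allowed_by_allow_list)}."""
    return {d["name"]: (storage_block_only(d), allow_list(d)) for d in devices}

SAMPLE_DEVICES = [  # constructed
    {"name": "issued keyboard", "vid": 0x1111, "pid": 0x0001,
     "interfaces": [HID]},
    {"name": "approved drive", "vid": 0x2222, "pid": 0x0002,
     "interfaces": [MASS_STORAGE]},
    {"name": "found drive acting as keyboard", "vid": 0x3333, "pid": 0x0003,
     "interfaces": [HID]},
    {"name": "approved drive ID plus keyboard interface", "vid": 0x2222, "pid": 0x0002,
     "interfaces": [MASS_STORAGE, HID]},
]

if __name__ == "__main__":
    for name, (weak, strict) in evaluate(SAMPLE_DEVICES).items():
        verdicts = ["ALLOW" if ok else "DENY" for ok in (weak, strict)]
        print(f"{name:45} storage-block-only={verdicts[0]:5} allow-list={verdicts[1]}")
```

Vendor and product IDs are reported by the device itself, so an allow-list like this narrows what can connect but does not replace physically blocking ports on sensitive computers.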
