USB devices, also known as thumb drives or data sticks, are well-known means of storing and transferring data from one system to another. Because they are inexpensive, portable, and easy to use, cybercriminals try to use USB devices to target users. They can also carry malicious software and viruses that can infect your computer with a single click. It is important to be aware of the dangers associated with unknown USB devices and take necessary precautions when using them.
How unknown USB devices pose a risk to regular users
USB devices are small, external, portable, and inexpensive drives. Anyone can plug and store data within them. However, the same characteristics enable cybercriminals to leverage these devices to distribute malware and other illicit programs. These programs can infect your system or trigger a threat to the entire network of computers. Consequently, businesses and individuals must be informed of the potential risks associated with using USB drives from unknown sources and how it can lead to data breaches.
Cyberattacks using USB sticks
The widely known cyberattacks Flame and Stuxnet were disseminated using USB sticks. It is speculated that these alleged American-Israeli cyber weapons may have been created to infiltrate and sabotage Iran's nuclear program. That is to say, these malicious USB devices were used as a way of installing malware and disrupting nuclear infrastructure.
Threat to organizations
USB sticks pose a grave threat to organizations, as they might contain malware to monitor keystrokes and record screens. Furthermore, unknown USB devices can be used as a backdoor to access an organization's confidential information. Hackers insert the USB device into a system, which allows them to control that computer remotely. This type of attack can result in data theft, financial loss, and disruption of services.
Cybersecurity professionals warn professionals and enterprises not to plug unknown USB devices into their computers and other portable devices like smartphones or tablets. Scammers and adversaries are increasingly planting malware into corporate systems by launching USB drop scams.
Seemingly 'innocent' USB Gadgets
Not only can scammers alter USB devices such as LEDs, USB fans, plasma balls, mini-fridges, coffee warmers and charging cables - they also have the capacity to install malicious software into them. These devices can steal data and encrypt the victim's information by planting ransomware into USB sticks and equipment. These malicious codes are readily available on GitHub. Malware loaded in unknown USBs can also redirect you to malicious pages, auto-execute to enable a backdoor into your system, and infect your system configuration files. It could be your Pendrive or OTGs of different USB versions.
The takeaway here? Exercise caution when plugging in USB drives or devices into your computer.
In the corporate world, USB drops are one of the most common methods hackers use to launch targeted attacks. This involves leaving infected USB devices in places such as parking lots and lobbies with a label such as 'payroll' that may seem alluring to the finger. As unsuspecting victims try to access the content, they inadvertently put their data security at risk.
USB drops are also part of a red team exercise in which ethical hackers test employees by leaving USB devices around a workplace. Obviously, these devices don't contain actual malicious software, but they are a good way to test employee security awareness.
Best practices to prevent USB attacks
Keep personal and business USB drives separate.
It is a good practice to refrain from using personal USB devices on your work system/PC. It will prevent the spread of malware to your entire corporate network.
Never plug in any unknown USB device in your system.
Cybercriminals may try to entice you with an unknown pendrive. If you connect that device to your system, the malware it carries could quickly infect your machine! From there, they could have access to every keystroke of yours and deploy other malicious programs at will - leaving you completely exposed.
Disable the autorun feature on Windows computers.
Windows autorun feature is designed to detect any USB device, CD or DVD inserted by a user and automatically launch it. Unfortunately, this convenient tool can become a liability if malicious code is present on the disc or drive, which could quickly spread to your system.
Use passwords to access your USB drives.
Using passwords in your USB drives can also help prevent hackers from stealing your USB drive and deploying malware.
Educate your employees.
Organizations must educate their employees and staff on the risks of inserting foreign USB devices or flash drives into any network, as these may contain malicious software that can compromise the system. It is essential to be aware of how malware could potentially cause harm to an enterprise's critical infrastructure.
It is important to be aware of the risks associated with unknown USB devices. They can be used to install malicious software or gain access to confidential information without your knowledge. As such, it is important to take necessary precautions when using USB drives from unknown sources and ensure that you have the proper security measures in place to protect your data and systems. Additionally, organizations should ensure that their employees are properly educated on the risks of utilizing unknown USB drives and other devices, as they can be used to deploy malicious software that can compromise the entire corporate network. With the right protocols in place, you can ensure your data remains secure and protected from potential threats.
Sign up for our newsletter
10 January - Blog
Your Guide to Objective-Based Penetration Testing
14 December - Blog
2022 in Review and Our Predictions for 2023: Cyber-Threat Landscape
05 December - Blog
Choosing a Penetration Testing Company: Methodology & Certifications