CIO News Hubb
Advertisement
  • Home
  • News
  • Operations CIO
  • Visionary CIO
  • IT Management
  • Information Security
  • Contact
No Result
View All Result
  • Home
  • News
  • Operations CIO
  • Visionary CIO
  • IT Management
  • Information Security
  • Contact
No Result
View All Result
CIO News Hubb
No Result
View All Result
Home Information Security

Malicious USB devices: What are the risks?

admin by admin
January 26, 2023
in Information Security


Malicious USBs can allow attackers to obtain a user’s passwords, access their devices, and even irreversibly damage their computer.

It’s understandable that when people find a misplaced USB drive or memory stick, they want to find out what it contains. Human curiosity is what attackers exploit, after all. However, plugging an unauthenticated device into your own or work computer can be very dangerous, and USB flash drives are still a common way for attackers to infect computers with viruses and malware. They can damage your devices and data in seconds. If you think this can’t happen to you, think again! 

You can find a malicious flash drive on the street, at school, or at work. The problem with USB security is more complex than ever, and the popularity of related threats has only been amplified through the growing presence of online video tutorials on making these devices and the increased availability of hardware. It’s not just flash drives that we’re talking about here – other USB devices can also be infected, including seemingly innocent cables. 

In addition to the aforementioned case of “lost” USBs, there are also cases of malicious flash drives that people receive for free as promotional materials at conferences, job fairs, or other events.

How do malicious USB attacks work?

In a nutshell, malicious USB attacks can be broken down into the following steps: First, the attacker uploads malicious code to the USB device, which is executed when connected to a computer or when the user opens an infected file stored on the drive. If the user has antivirus installed on their device, the risk is greatly reduced – this is because an antivirus program can detect the malicious behavior and stop the attack. 

The second option is to set the hardware of the USB device so that the computer perceives it as a keyboard or webcam when connected. This makes it easier for an attacker to overcome security measures and infect the user’s computer with malware.

The most commonly used type of such malicious device is the so-called Rubber Ducky, which appears to be a regular USB drive but actually mimics a keyboard. When plugged into a computer, it can “press” predetermined keys and execute malicious code. Rubber Ducky also appeared in the second season of Mr. Robot, which portrayed Rami Malek as a young hacker. (If you’re thinking about what to tune into tonight, this series is definitely worth a watch!)

What are the dangers of USB flash drives?

A malicious USB device can allow a victim to steal stored passwords, gain access to sensitive files, or directly open a backdoor to gain control of a device. In rare cases, it can even damage the device so badly that it can no longer be used. 

Malicious USBs can also be an effective way for cybercriminals to bypass some corporate security measures. They can use them to gain access to a computer, server, or an organization’s network. An attacker usually only needs to wait for an employee to voluntarily plug the device into their work computer.

How to protect yourself from malicious USB devices

  • Beware of unauthenticated devices: Only connect your own USB devices to your computer, where you know the contents and purpose. Don’t plug a drive into your computer that you found somewhere or are unsure who it belongs to.
  • Unplug USB devices automatically: You can specify in your computer’s settings which devices can connect to it automatically. We recommend that you disable this option for all devices. This will give you more control over your computer and prevent connected USB devices from automatically running programs. 

  • Don’t run or install anything from someone else’s USB: The same applies to any file you find on someone else’s USB as it does to those you find on the internet – be careful not to run or install programs.

  • Use antivirus: You can prevent some attacks from a malicious USB if you protect your computer with a robust antivirus.



Source link

Previous Post

Illustrateability ~ Future of CIO

Next Post

Visualize AWS WAF logs with an Amazon CloudWatch dashboard

Related Posts

Information Security

Spyware Vendors Caught Exploiting Zero-Day Vulnerabilities on Android and iOS Devices

by admin
March 29, 2023
Information Security

How to use Amazon GuardDuty and AWS WAF v2 to automatically block suspicious hosts

by admin
March 29, 2023
Information Security

Microsoft Introduces GPT-4 AI-Powered Security Copilot Tool to Empower Defenders

by admin
March 28, 2023
Information Security

20-Year-Old BreachForums Founder Faces Up to 5 Years in Prison

by admin
March 27, 2023
Information Security

Microsoft Warns of Stealthy Outlook Vulnerability Exploited by Russian Hackers

by admin
March 26, 2023
Next Post

Visualize AWS WAF logs with an Amazon CloudWatch dashboard

Recommended

Innatelogicalfluency ~ Future of CIO

March 30, 2023

Spyware Vendors Caught Exploiting Zero-Day Vulnerabilities on Android and iOS Devices

March 29, 2023

How to use Amazon GuardDuty and AWS WAF v2 to automatically block suspicious hosts

March 29, 2023

Influencing ~ Future of CIO

March 29, 2023

Microsoft Introduces GPT-4 AI-Powered Security Copilot Tool to Empower Defenders

March 28, 2023

Illogic ~ Future of CIO

March 28, 2023

© CIO News Hubb All rights reserved.

Use of these names, logos, and brands does not imply endorsement unless specified. By using this site, you agree to the Privacy Policy and Terms & Conditions.

Navigate Site

  • Home
  • News
  • Operations CIO
  • Visionary CIO
  • IT Management
  • Information Security
  • Contact

Newsletter Sign Up

No Result
View All Result
  • Home
  • News
  • Operations CIO
  • Visionary CIO
  • IT Management
  • Information Security
  • Contact

© 2022 CIO News Hubb All rights reserved.