<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=116645602292181&amp;ev=PageView&amp;noscript=1">

IBM banning its employees from using removable storage devices, like USB sticks, received extensive media coverage, even though the US CERT warned against using USB drives in 2011.   

Why are USB and other removal drives still relevant and why is it a good idea to not use them?

1. Removable disks are still used by attackers 

While you'd think that using USB drives to infect machines is old-fashioned, new malware that infects machines via USB has has been discovered. In fact, only a month ago Cybereason researchers discovered Fauxpersky. This credstealer malware masquerades as Kaspersky antivirus to avoid being discovered by antivirus software. The infection method? Good ole USB drives:

2. people are always eager to plug in a usb device

A study has shown that almost 50 percent of people who find a USB flash device insert it into their computer without taking any precautions. According to the study, that percentage is higher than the one for people who'd click on a phishing link, making USB drives a highly efficient infection mechanism.

3. Low Operational Cost 

While still more expensive than spear phishing campaigns, the low cost of USB drives make them an attractive tool for running malicious campaigns.  

4. Provides hackers access to NETWORK NOT CONNECTED TO THE INTERNET

USB drives are an attractive infiltration method when targeting networks that are isolated from the Internet. According to some publications, this is how the CIA accessed North Korean networks

5. EnablES Targeted Attacks 

USB drivers are a common giveaways at conferences, enabling attackers to target a specific audience or industry. Attackers looking to gain access to a specific organization can spread USB drive in the company's facility, similar to the situation portrayed in this video. 



We've heard stories about attackers inserting USB sticks into open ports on an unattended computers at trade shows, in hotel rooms and at coffee shops.

A common scenario plays out like this: At a trade show, attackers visit the booth of the vendor they'd like to steal information from. While a sales representative is talking to a potential customer, another person quickly slips a USB stick into an open port on the representative's laptop. The malware stored on the USB stick then executes. To prevent this from happening, physically block your machine's USB ports. If you don't have a port blocker, duct tape works well as a quick prevention effort.

Interested in how the Cybereason platform works?

Learn More