Why are USB and other removal drives still relevant and why is it a good idea to not use them?
1. Removable disks are still used by attackers
2. people are always eager to plug in a usb device
3. Low Operational Cost
While still more expensive than spear phishing campaigns, the low cost of USB drives make them an attractive tool for running malicious campaigns.
4. Provides hackers access to NETWORK NOT CONNECTED TO THE INTERNET
USB drives are an attractive infiltration method when targeting networks that are isolated from the Internet. According to some publications, this is how the CIA accessed North Korean networks.
5. EnablES Targeted Attacks
USB drivers are a common giveaways at conferences, enabling attackers to target a specific audience or industry. Attackers looking to gain access to a specific organization can spread USB drive in the company's facility, similar to the situation portrayed in this video.
Consider BLOCKing YOUR LAPTOP'S USB PORTS
We've heard stories about attackers inserting USB sticks into open ports on an unattended computers at trade shows, in hotel rooms and at coffee shops.
A common scenario plays out like this: At a trade show, attackers visit the booth of the vendor they'd like to steal information from. While a sales representative is talking to a potential customer, another person quickly slips a USB stick into an open port on the representative's laptop. The malware stored on the USB stick then executes. To prevent this from happening, physically block your machine's USB ports. If you don't have a port blocker, duct tape works well as a quick prevention effort.