USB Infection

From BCMpedia. A Wiki Glossary for Business Continuity Management (BCM) and Disaster Recovery (DR).
Revision as of 11:09, 3 November 2020 by Kalaivani (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search
1. USB infection refers to cyber criminals utilising portable media, a source of physical access, to bypass access controls by introducing toolkits that run directly from the device.

Note (1): Unsuspecting employees that are unaware of the dangers can also introduce malware into their work stations. Related Term: Conduit Devices







Click to know more about expert level training

(Source: Business Continuity Management Institute - BCM Institute)

 

A Manager’s Guide to Business Continuity Management for Cybersecurity Incident Response

2. Digital denizens are familiar with the USB flash drives given away at trade shows, conferences, information booths and the like. Some are even sent to recipients via snail mail, pre-loaded with useful marketing data and pre-configured to auto-link to websites upon initiation. These handy devices are ubiquitous among swag bag collectibles along with ink pens that don't work, stale mints and badge lanyards of all descriptions. However, unlike the other conference detritus, these drives can carry a dangerous payload.
Source: (Verizon, 2016)

3. USB devices, and other portable media, represent a significant threat to organizational security. Threat actors with physical access can introduce toolkits, built to run directly from the USB device itself, to bypass access controls. Employees curious about content on USB devices can also introduce malware to their work systems.
Source: (Verizon, 2017)