Back in the day, hackers used to send infected USB drives to a victim. Of course, the victim would plug it into their computer. Maybe they thought it was a free gift, or perhaps someone had sent it by mistake. What would it hurt to use the free USB drive? That question cost many people disabled and compromised machines.

This ancient USB cyber scam went by various names, such as Rubber Ducky attacks, PoisonTap, and many others. This method was common for years until everyone became wise and stopped using just any old USB they found or were given.

However, we have some bad news for you. Cybercriminals are reviving this ancient cyber scam, so you and your employees need to be on the lookout for it.

The Attack is Called BadUSB—How Does It Work?

You or your employees may receive a package delivered through the post or another parcel delivery service. The package contains one or more USB drives that come loaded with malware and other cyber nasties. The malware allows the criminal to take control of the device the USB drive has been plugged into. All that’s needed is for someone to plug the USB drive into the USB port, and the malware is activated. It’s that simple.

But there’s more to the scam than that. After all, most people know better than to plug a USB drive into their computer. This is where social engineering comes into play. For instance, the criminals may claim the USB drive contains urgent information or warnings or that the drive was an Amazon gift from a friend. These messages are enough to get someone to plug the drive in, unaware they’re doing exactly what the cybercriminal wants them to do.

Once the USB drive has been plugged into a computer, the USB port is immediately compromised and can be manipulated by the criminal. The criminal can make the port look as if another device is installed (such as a mouse or keyboard). The fake devices can then be remotely controlled by the cybercriminal and used to cause major damage.

For example, the fake keyboard or mouse can be used to take complete control of a computer and download additional malware. It’s also possible for criminals to steal company data, install ransomware, and so much more.

Another example is that a criminal may mail a USB drive to someone at a business. This time, the criminal makes the USB drive appear as if it’s been sent by Microsoft. The USB and packaging bear the Microsoft log and more. The person who opens it may believe this is an upgrade from Microsoft or another piece of software. They follow the directions, plug the drive into the USB port, and it’s all over. They’ve unwittingly installed malware.

So, what can you do to keep yourself and your business safe from these BadUSB attacks?

We’ve put together some information you can use to keep you and your employees safe from these social engineering attacks that use an ancient method to cause mayhem and damage.

Stay Safe from Malicious USB Drives

Here are some methods you can use to ensure you and your business are safe from BadUSB attacks.

1. Be Wary of USB Drives

If you or your employees are given (or find) a USB drive that doesn’t belong to you or the company, don’t plug it into a computer. Instead, ask an IT professional to analyze the device safely.

2. Disable USB Ports

These days, it’s not all that necessary for employees to plug additional devices into their computers. So, you may want to consider disabling access to USB ports. This is a simple method to block any unused ports. And it’s possible to restrict access to these ports through administrative privileges.

3. Disable Autorun

Some employees may need access to their USB ports. In that case, consider disabling the autorun feature on their computers. The autorun feature allows USB drives to automatically open and activate their contents after being plugged in. But if autorun is disabled, it’s possible to view the drive’s contents before running it.

4. Prevent Data Theft via USB

Next, you can block sensitive data from being copied or moved to external storage devices. This can be done by reporting each time a file is accessed and speeding up post-incident forensic analysis.

5. Use Behavior Monitoring Tools

Certain tools can prevent automated scripting attacks via USB. This is done by detecting when the keyboard is being used to type faster than humanly possible. Scripts execute commands quickly, which is not natural. The tools can identify and stop malicious action before the criminal has a chance to do anything bad.

6. Use Enterprise Device Control

Another way to stop BadUSB attacks is to use specialized software for device control. The software implements multiple policies and monitoring techniques to keep users from plugging in unverified devices.

7. Work-Life Balance

If employees use a USB drive for work, advise them to keep it separate from personal devices to avoid transferring malware from their home computers to your business network. It’s also possible to scan work USB devices with antivirus and anti-malware software and use encryption software to keep criminals from accessing your data.

 

8. Get Off the Net

If you or your employees have a USB drive and you’re not sure what’s on it, it’s possible to try using the device on an “air-gapped” computer. “Air gapped” means the computer’s not connected to the Internet or the company network.

Unfortunately, even using an air-gapped computer is not foolproof. There have been examples of where an air-gapped network was compromised by a bad USB. So, it’s best to keep the computer off the company network and the Internet. The computer should not be connected to anything else, and it should only be used to test devices for malware.

In addition, if you have a USB drive that may be suspect, this device should not be connected to any other computers on your business network.

Training Employees

As with other types of cyberattacks, training employees on what to watch for is also essential to your company’s security. It’s also important to have policies in place on how data is handled, who has access, and more.

Teach employees about cyber threats and how these attacks can harm the business. And remember to have employees create strong passwords and change them regularly.

Summing It Up

Cybercriminals are always looking for new ways to steal data and more. However, they do rely on ancient methods at times, such as the BadUSB attack.

Training employees on how to avoid these attacks and using the other methods in this article can keep you and your business safe from BadUSB and other cyber threats.