Difference between revisions of "USB Infection"
Line 2: | Line 2: | ||
{| style="margin-left: 0px; text-align: left; font-style: none; width:100%; font-weight: none; background: #F0F0F0; border:1px" | {| style="margin-left: 0px; text-align: left; font-style: none; width:100%; font-weight: none; background: #F0F0F0; border:1px" | ||
|- | |- | ||
− | | '''1.''' [[Cyber_Criminal|Cyber criminals]] utilising portable media, a source of physical access, | + | | '''1.''' USB infection refers to [[Cyber_Criminal|Cyber criminals]] utilising portable media, a source of physical access, to bypass access controls by introducing toolkits that run directly from the device. |
− | Related Term: [[Conduit Devices]] | + | '''Note (1):''' Unsuspecting employees that are unaware of the dangers can also introduce [[Malware|malware]] into their work stations. |
− | {{Bcm Institute Source}} | + | Related Term: [[Conduit_Devices|Conduit Devices]] {{Bcm Institute Source}} |
|} | |} |
Revision as of 07:45, 31 August 2017
1. USB infection refers to Cyber criminals utilising portable media, a source of physical access, to bypass access controls by introducing toolkits that run directly from the device.
Note (1): Unsuspecting employees that are unaware of the dangers can also introduce malware into their work stations. Related Term: Conduit Devices
|
2. Digital denizens are familiar with the USB flash drives given away at trade shows, conferences, information booths and the like. Some are even sent to recipients via snail mail, pre-loaded with useful marketing data and pre-configured to auto-link to websites upon initiation. These handy devices are ubiquitous among swag bag collectibles along with ink pens that don't work, stale mints and badge lanyards of all descriptions. However, unlike the other conference detritus, these drives can carry a dangerous payload.
Source: (Verizon, 2016)
3. USB devices, and other portable media, represent a significant threat to organizational security. Threat actors with physical access can introduce toolkits, built to run directly from the USB device itself, to bypass access controls. Employees curious about content on USB devices can also introduce malware to their work systems.
Source: (Verizon, 2017)