At a time when the risks of AI-powered and advanced email-borne cybersecurity threats dominate the news agenda, it might be easy to overlook the dangers of some of the age-old attack vectors that continue to be exploited by cybercriminals.
For industries that rely on removable media – such as USB drives – there is a continued need for vigilance as these devices have the potential to trigger damaging and highly costly cyberattacks.
The resurgence of USB-based attacks
USB devices are commonly used in a number of core Critical National Infrastructure (CNI) sectors such as manufacturing, utilities and healthcare. These sectors rely on USB drives to transfer data in environments with limited or no internet access, such as air-gapped systems that isolate critical assets and data from external networks for security purposes.
In operational technology (OT) environments, USB drives are often the only practical way to transfer data between systems that are deliberately kept offline, making them a common tool for software updates or data migration.
This widespread use makes USB drives a prime target for cyberattacks. One prominent example is the Sogu malware, deployed by the hacker group UNC53, which used infected USB drives to infiltrate multiple organizations last year. This campaign targeted industries in countries like Egypt and Zimbabwe, where USB drives are integral in day-to-day business operations.
Recent USB-based attack techniques have grown in sophistication, often bypassing advanced security layers by exploiting the inherent trust between the USB device and the host.
Longstanding techniques like “Rubber Ducky” keystroke attacks, which silently copy user activity and send information back to the attacker’s host system, are being deployed in new ways. For example, some human interface devices (HIDs) like mice and keyboards can have their firmware modified to inject keystrokes that install covert malware.
A favorite for penetration testers and social engineers alike looking to entice unwary employees or visiting partners to pick up and insert a compromised…
Read full post on Tech Radar