Threat to USB Drives
By: Eric Vicencio
If you have attended one of the Eder Casella Technology Tech Talks, you may have heard us talk about how USB drives are often forgotten when identifying cyber threats to organizations. But they are a significant threat to your data. However, this threat has quickly moved into the spotlight. At the end of last year, threat actors have started sending USB drives to unsuspecting US-based companies. And the threat is continuing today.
So what is the threat?
The goal of these USB drives is to have employees plug them into their computers. Once plugged into your device, the attack is initiated, and ransomware is now spread to the now infected computer.
How are the USB drives getting into the companies?
According to the FBI, the most recent threats have arrived to companies in one of two ways. One way is Amazon packages being sent to companies containing the infected USB drives. The other is packages arriving via US Mail that appear to be from the Department of Health Services with COVID-19 guidelines. Both modes of delivery can be seen as totally normal to unsuspecting employees.
What should you do?
Eder Casella Technology’s approach to handling these USB drives is the same as any USB drive; if it does not belong to you, do not plug it into your device. When in doubt, bring any USB drive to your IT Specialist for inspection.
As always, we are here to help. Please do not hesitate to reach out to the Eder Casella Technology Help Desk for assistance.