  • May 23, 2024

There have been increasing reports of threat actors leveraging a classic malware delivery method in recent months: USB attacks. Continue reading this Cybersecurity Threat Advisory to learn how you can prevent these attacks and reduce risks for your customers.

What is the threat?

Major threat groups are relying on USB drives to deploy malware at organizations that are otherwise highly secured.

Why is it noteworthy?

With the rise of new technologies such as AI and machine learning, cyberattacks are becoming more sophisticated and harder to defend against every day. Organizations are having to adapt to more advanced threats, and it can be easy to overlook some of the classic methods. However, the fact that USB drive attacks are not shiny and new doesn’t lessen their potential impact. If the right protocols aren’t in place, malware can easily spread as soon as a malicious USB drive is plugged in.

What is the exposure or risk?

Many organizations, particularly those in the small business space, rely heavily on USB devices. They’re small, inexpensive, and portable, which makes them popular for storing/transporting files from one device to another. It’s these qualities that make them appealing to threat actors.

If malware from a USB device infects a machine on a network, it can easily spread to other computers. Any USB drives connected to infected computers can then be compromised, and the cycle continues.

What are the recommendations?

CSB recommends the following actions to prevent attacks through removable media:

  • Do not plug an unknown USB drive into your computer. If you happen across a USB drive, give it to the appropriate team (IT Department, Security Operations Center, etc.). Do not plug it into your computer to view the contents or to try to identify the owner.
  • To eliminate the risk nearly entirely, lock down USB access for endpoints in your organization. This can be done through methods like Group Policy or Endpoint Protection Platforms.
  • If an endpoint needs USB access, practice allow-listing specific devices rather than allowing all USB devices. Using endpoint protection software, enable the automatic scanning of external drives upon connection to ensure there are no malicious files present.
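
As an added illustration of the allow-listing recommendation (not CSB's code or any endpoint product's), this Python example checks Windows USBSTOR device instance IDs against a per-device allow-list keyed on vendor, product and serial number. The vendor names, serials and instance IDs are constructed samples, and treating drives that report no serial number as blocked is an assumption of this example.

```python
import re
from typing import NamedTuple, Optional

# Windows device instance ID format for USB mass storage:
#   USBSTOR\<Type>&Ven_<vendor>&Prod_<product>&Rev_<rev>\<serial>&<n>
INSTANCE_ID = re.compile(
    r"^USBSTOR\\[^&\\]+&Ven_(?P<vendor>[^&\\]*)&Prod_(?P<product>[^&\\]*)"
    r"&Rev_[^&\\]*\\(?P<serial>[^\\]+)$",
    re.IGNORECASE,
)

class UsbDevice(NamedTuple):
    vendor: str
    product: str
    serial: Optional[str]  # None when the device reports no unique serial

def parse_instance_id(instance_id: str) -> Optional[UsbDevice]:
    """Parse a USBSTOR instance ID; return None if it is not one."""
    m = INSTANCE_ID.match(instance_id.strip())
    if m is None:
        return None
    serial = m["serial"]
    # '&' as the second character means Windows generated the ID because the
    # device has no serial number, so it cannot identify one specific drive.
    if len(serial) > 1 and serial[1] == "&":
        unique = None
    else:
        unique = serial.rsplit("&", 1)[0].upper()
    return UsbDevice(m["vendor"].upper(), m["product"].upper(), unique)

def audit(instance_ids, allowlist):
    """Split IDs into (allowed, blocked); unparseable or serial-less IDs are blocked."""
    allowed, blocked = [], []
    for iid in instance_ids:
        dev = parse_instance_id(iid)
        ok = dev is not None and dev.serial is not None and dev in allowlist
        (allowed if ok else blocked).append(iid)
    return allowed, blocked

# Constructed allow-list and sample IDs (hypothetical vendor and serials).
ALLOWLIST = {UsbDevice("EXAMPLECO", "SECUREDRIVE", "AA11BB22CC33")}
SAMPLE_IDS = [
    r"USBSTOR\Disk&Ven_ExampleCo&Prod_SecureDrive&Rev_1.00\AA11BB22CC33&0",  # approved unit
    r"USBSTOR\Disk&Ven_ExampleCo&Prod_SecureDrive&Rev_1.00\FF99EE88DD77&0",  # same model, other unit
    r"USBSTOR\Disk&Ven_Generic&Prod_Flash_Disk&Rev_8.07\6&1a2b3c4d&0",       # no serial number
    r"HID\VID_0000&PID_0000\not-a-storage-id",                               # not a USBSTOR ID
]

if __name__ == "__main__":
    allowed, blocked = audit(SAMPLE_IDS, ALLOWLIST)
    print("allowed:", allowed)
    print("blocked:", blocked)
```

Matching on the serial number as well as the model is what makes the second sample drive fail the check even though it is the same product as the approved one.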


For more in-depth information about the recommendations, please visit the following links:
