Cyber warfare can mean many things to different people, but really it is a day-to-day battle. Your company’s security team works day in and day out to protect your company’s data from being compromised, but hackers are persistent.
One attack method that has been very successful is the Candy Drop!
A Universal Serial Bus (USB) drive, or flash drive, can be used as a “Candy” drop. This is when a cybercriminal leaves USB drives scattered across locations where nosy or concerned citizens will take a drive and plug it into a computer, allowing the hacker to infect or get remote access to a company’s computer.
In a 2006 study performed by the University of Illinois and University of Michigan, researchers dropped 297 USB drives on a university campus. Of the 98% of found devices that were picked up, 45% were plugged into a computer. Either the person who found the USB drive wanted to be a good citizen and find the owner, or they thought they got lucky and could wipe it to get a free memory stick. In reality, they just opened the door wide for hackers to get through.
Malicious code is one of the most common types of drops, where a hacker creates fake files on the USB drive. Once the unsuspecting user opens the file, it spreads malware throughout the computer and network, or uses social engineering to send the user to a phishing website that tricks them into giving up their login credentials.
A particularly well-known example of a candy drop attack is Stuxnet, a computer worm that infected software at industrial sites in Iran, including a uranium enrichment plant. The worm targeted industrial control systems made by Siemens, compromised the system’s logic controllers, spied on the targeted systems, and provided false feedback to make detection even more difficult.
The truth is everyone is hackable! While companies spend millions of dollars protecting your information, we as individuals must do our part in protecting ourselves. When you see a USB drive on the sidewalk, pick it up and throw it away! While the considerate may want to return the lost item, it’s not worth the risk of getting yourself, or your company, hacked.