The role of USB sticks in spreading viruses and malware is well documented but a report from Internet security company Kaspersky highlights how even today the lure of using "picked up" sticks remains high.
In 2016, researchers from the University of Illinois left 297 unlabelled USB flash drives around the university campus to see what would happen. Ninety-eight per cent of the dropped drives were picked up by staff and students, and at least half were plugged into a computer in order to view the content.
USB devices have been around for almost 20 years, offering an easy and convenient way to store and transfer digital files between computers that are not directly connected to each other or to the internet. This capability has been exploited by cyberthreat actors, most notably by the Stuxnet worm in 2010, which used USB devices to inject malware into the network of an Iranian nuclear facility.
These days cloud services such as Dropbox and Google Drive have taken on much of the heavy lifting in terms of file storage and transfer, and there is greater awareness of the security risks associated with USB devices. Their use as an essential business tool is declining. Despite this, millions of USB devices are still produced and distributed annually, with many destined for use in homes, businesses and marketing promotion campaigns like trade show giveaways.
USB devices remain a target for cyberthreats. Kaspersky Lab data for 2017 shows that every 12 months or so, around one in four users worldwide is affected by a ‘local’ cyber incident. These are attacks detected directly on a user’s computer and include infections caused by removable media like USB devices.
The full report can be seen here.
65000 GDPR Data Breaches In Europe To Date
European privacy authorities have received almost 65,000 data breach notifications since the EU's new privacy law went into full effect. In addition, regulators in 11 European countries have imposed $63 million in General Data Protection Regulation fines.read more
More than half of British firms 'report cyberattacks in 2019'
The proportion of UK firms reporting a cyberattack has jumped, despite most businesses admitting they are under-prepared for breaches, according to research from Hiscox reported by the BBC. The insurer found 55 per cent had faced an attack in 2019, up from 40 per cent last year.read more
Sloppy IT Processes Risk Cyberattacks - McAfee
McAfee this week published a report that turns familiar survey findings on their heads by reporting that most cybersecurity breaches are the result of lax IT processes rather than mistakes made by end users.read more
Cybercrime Soaring Reports MalwareBytes
Cybercrime is accelerating at a worrying rate, reports MalwareBytes in its Q1 2019 report. Every quarter that goes by shows more alarming data as to how much cybercrime activity is going on out there, with organizations and companies being called to face and deal with an increasing amount of threats, coming literally from everywhere.read more