USB Drop Attacks

USB drop attacks target our desire to help others, whether it be picking up trash off of the sidewalk, some trash to throw away, or something to recycle.

As humans, most of us are curious to a fault. Picture an innocently curious businessman going about his day and picking up a USB drive he found on the ground with the full intention of finding its owner and returning it to them. In order to figure out who that USB drive belongs to, he should plug it in to his computer and check it out, right? Wrong. Plugging in a mysterious USB into your work or personal computer, even if it’s just out of curiosity, can lead to malicious viruses on your computer and can even spread throughout your entire network.

In a study conducted at a university, 300 USB drives were dropped on the ground. 98% of those USB drives were picked up and 45% of them were plugged in and opened. This type of attack is easy and inexpensive for scammers to execute and the repercussions can be immense. There have been reports of USB attacks used to remotely hack into computer systems and also spy on competitors. 

Simply put, never plug an unidentified USB drive into your computer. Turn it in to your supervisor or IT department so they can take care of it in a professional manner that won’t infect whole networks with viruses. Better yet, just don’t interact with any strange USB drive you see sitting anywhere. It is also important to protect your own USB drives and make sure to not leave them anywhere someone could easily pick it up or switch it out for one with malicious content. Furthermore, be careful with any sensitive or confidential information you put on a USB drive because something so small could easily be stolen or replaced in a matter of seconds. 

Authors Mia and Milan are seniors at Northlake Christian High School in Covington and interns here at Yes Tech. They are researching Cybersecurity threats and sharing prevention tactics to increase Cybersecurity awareness in young adults.