Report: 9% of security incidents caused by USBs and other removable media

Join today’s leading executives at the Data Summit on March 9. Register here.

A new report from Expel found that attackers continue to recycle old tricks – this time the removable media and USB sticks. In January 2022, the report found that removable media was responsible for 9% of all incidents that were responded to. That increased to 20% for incidents where the initial infection vector involved a physical endpoint (in other words, deleting incidents with a cloud-based service).

Since this threat may not be the top priority for many, it’s a good reminder that old tactics are still in play. A 2016 study examining what people would do with a USB in a parking lot found that nearly 50% of people would plug an unfamiliar USB into their computer. While human curiosity is likely to be just as great in 2022, one can hope that with more people working from home, employees will be less likely to find and plug in a USB from the office parking lot.

While security awareness training has focused on unknown USB devices for years and some organizations require per-device approval before connecting to an asset, trusted USB devices continue to pose a threat to businesses.

Bar chart of expel.  Key Attack Vectors for January 2022: Phishing at 49%, Removable Media at 9%, Valid Credentials at 9%, and Web Delivery at 4%.

Trusted USB devices can be infected with malware variants that search for external storage devices connected to a victim host in order to infect them and spread further. This risk is much greater when endpoint users can move USB devices from personal devices to corporate assets.

In January 2022, Expel saw malware families AsyncRat, Valyrian, Gamarue, Agent Tesla, and Forbix attempting to spread via USB devices. Other generic malicious worms were also observed, including one used as a hidden VBScript script file on the device.

These malware variants would likely have attempted to infect other external USB storage devices connected to these systems had they reached the initial infection without detection.

With proven methods of the past booming, it’s a reminder that users and organizations can’t forget about proven attack methods while protecting against new trends.

The insights for this report were determined by analyzing data from all Expel customer incidents from January 1-31 2022.

Read the full report from Expel.

VentureBeat’s mission is to be a digital city square for tech decision makers to learn about transformative business technology and transactions. Learn more

This post Report: 9% of security incidents caused by USBs and other removable media

was original published at “”

No Comment

Leave a reply

Your email address will not be published.