Cyberattacks: Beware of malicious and infected USBs!

[msttasnuvanava]

Have you ever received a package in the mail from a seemingly trustworthy company containing a USB drive? While I'm sure most of us are aware of the security vulnerability this poses, hackers are spending significant marketing dollars to trick the public into believing that this is a legitimate USB drive. But it's not about what you see on the drive, it's about what's underneath.

This is known as a BadUSB or Bad Beetle USB attack ; an attack that exploits a vulnerability inherent in the USB firmware. Such an attack reprograms a USB device, making it act as a human interface device (keyboard emulation). Once reprogrammed, the USB device is used to discreetly execute commands or run malicious programs, for example on the victim’s computer. When the USB was removed, the PC continued to function properly and without any issues, however, it would then start installing additional malware to introduce ransomware into compromised networks. This is nothing new – hackers have been doing this for over twenty years.

Recently, US-based companies have been targeted by BadUSB attacks after unsuspecting employees received envelopes containing a fake gift card, along with a USB drive. The letter instructed recipients to plug the USB drive into a computer to access a list of items they could purchase with the gift card. However, the USB drive contained a BadUSB, and plugging how to get uk number for whatsapp computer triggered the cyberattack.

The FBI issued this alert on January 7, 2022, to be wary of unexpected gifts. The alert details how cybercriminal groups are uploading USB flash drives and sending them to organizations in two variants. One that imitates the U.S. Department of Health and Human Services (HHS), accompanied by letters referencing COVID-19 guidelines and attached to a USB; and another that arrives in a decorative gift box containing a fraudulent thank you letter, a fake gift card, and a USB. All of the packages contain USBs that, if plugged into a device, could execute a BadUSB attack and infect the system with dangerous malware.

These attacks are known as ‘HID’ or ‘USB drive-by’ attacks and are only successful when victims are willing to plug the USB device into their computers . BleepingComputer adds that “companies can defend against such attacks by only allowing their employees to plug in USB devices based on their hardware ID or if they are vetted by their security team . ”

Guarding against cyberattacks like this is vital to your business. Cybercriminals don't sleep. They're always looking for, and often find, innovative ways to disrupt businesses, thereby impacting revenue and reputation. Educating employees on the do's and don'ts of protecting their data and systems is an ongoing effort. It's important to understand what data has been compromised, when it was compromised, and how it's impacting the business. Having the right data protection solution in place can help mitigate a cyberattack and eliminate disruption to your business.

This is where Dell Technologies comes in. We understand that it is important to have a copy of your backup data in an isolated location, separate from the production environment. We recognize the importance of having an immutable copy of your backup data in that isolated location.

We also know the importance of using intelligence to analyze immutable copies over time to determine data integrity. We understand that confidence is needed in the ability to recover from a cyberattack.

Dell PowerProtect Cyber ​​Recovery will give you that confidence in your ability to recover from a cyber attack through proven technologies, best practices and processes. The Cyber ​​Recovery Vault will physically and logically separate your data from backup data and the production environment. This synchronous process is initiated from within the vault by means of a secure airspace that only allows specific data to pass through.

Once your data is in, an immutable copy of the data is created to prevent any alteration of the content. A forensic analysis of the immutable copy is then performed to determine the integrity of the data. This intelligent process will decrypt your data over time, compare it to the past, and determine when and if you have suffered a cyberattack.

In the end, Cyber ​​Recovery will provide the last known good backup and allow you to automatically recover your data efficiently.

Dell PowerProtect Cyber ​​Recovery provides peace of mind by helping to secure, protect and recover data in the event of a cyberattack. Cyberattacks continue to evolve, but Dell Technologies continues to evolve to meet them with innovative solutions and a commitment to helping our customers succeed.

You may also be interested in: How to make better decisions against cyberatt