With new reports of data breaches seemingly occurring on a monthly basis, companies are regularly encouraging users to change their passwords to protect personal and financial information. The most recognizable methods of attaining this information are keyloggers, phishing scams, Trojans, and more recently the Heartbleed bug, which may still pose a threat to users who assume that the problem has been fixed.
However, there is another method for gaining access to data that many people overlook but that has been prevalent for some time: USB devices.
In the past, a person with malicious intent was required to manually copy data onto a removable USB device, but hackers are now able to create devices that are undetectable when plugged in to the USB port. With the help of tiny chips that can be hidden in the USB drive itself, the device can be controlled remotely and discreetly, leaving the owner completely unaware. This adaptation of “old school” hacking techniques can be easily mastered by simply typing the phrase “USB drive auto hacking” into a search engine, which will pull up easy-to-follow written instructions and video guides.
In an interview with E-Commerce Times, Jim Stickley, CTO of TraceSecurity, noted the importance of physical security when dealing with cyber threats.
“On the physical side, about 80 percent of all security breaches involve lapses in access policies,” he said. “We usually have a back story to tell as we acquire the company’s background. We make it look like we’re supposed to be there. Once we are inside, the people who should know better than to leave us alone don’t escort us from place to place.”
[ Image courtesy of creativedoxfoto / FreeDigitalPhotos.net ]