Page 163 - Cyber Defense eMagazine Special RSA Conference Annual Edition for 2022

If a USB stick with corrupted firmware can be sent to the right people in a spear phishing attempt,
            alongside messaging or other communication of a convincing story that means the drive in question gets
            used, criminals can easily gain a point of unfettered access to a network. The same attack, leveraging
            badUSB, can now be delivered through a simple USB cable which, to the naked eye, looks like any other
            cable.



            How to spot and mitigate a bad USB in 2022


            Unfortunately, because badUSB threats are Trojan horsed in simple human interface devices, they can
            be almost impossible to detect if not picked up by constant monitoring of the specific endpoint. Unknown
            USB devices cannot be trusted - yet Apricorn's survey reveals that often, trust is misplaced. This means
            that organisations increasingly need to ensure mitigation is already in place at all times.

            Typically, this must be achieved without resorting to a blanket ban on USB-enabled devices, which are
            ubiquitous and frequently vital today when it comes to moving and storing data, especially in a hybrid
            working environment where some work from home, and others in the office.

            The good news is, mitigations can be easily and affordably achieved by mandating the use of
            corporate-standard USB devices with high-level encryption and firmware implemented in a way that makes it
            impossible to modify for this exploit - right across the entire organisation.


            The policy can then be enforced by locking down USB ports on employee machines to ensure they can
            only accept an approved USB device.
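
            An added example, not part of the original article: a default-deny check of the kind a port lockdown
            applies, which blocks a device with an approved vendor/product ID and serial if it also exposes an
            unexpected keyboard (HID) interface. The allowlist, IDs, serials and device records are constructed.

```python
# Added example: evaluate enumerated USB devices against a corporate allowlist.
# All device records, IDs and serials below are constructed for illustration.
from dataclasses import dataclass

HID, MASS_STORAGE = 0x03, 0x08  # USB-IF interface class codes


@dataclass(frozen=True)
class UsbDevice:
    vid: int
    pid: int
    serial: str
    interface_classes: frozenset  # bInterfaceClass of every interface


# Approved drives: (vid, pid) -> permitted serials and permitted interface classes.
ALLOWLIST = {
    (0x1234, 0xABCD): {
        "serials": {"CORP-0001", "CORP-0002"},
        "classes": frozenset({MASS_STORAGE}),
    },
}


def evaluate(dev: UsbDevice) -> tuple[str, str]:
    """Return (decision, reason); anything not explicitly approved is blocked."""
    entry = ALLOWLIST.get((dev.vid, dev.pid))
    if entry is None:
        return "block", "vendor/product not on allowlist"
    if dev.serial not in entry["serials"]:
        return "block", "serial not issued by the organisation"
    extra = dev.interface_classes - entry["classes"]
    if extra:
        # A drive that matches the allowlist but also presents, say, a keyboard
        # interface does not behave like the approved model.
        names = ", ".join(f"0x{c:02x}" for c in sorted(extra))
        return "block", f"unexpected interface class(es): {names}"
    return "allow", "approved device"


SAMPLE_DEVICES = [  # constructed enumeration results
    UsbDevice(0x1234, 0xABCD, "CORP-0001", frozenset({MASS_STORAGE})),
    UsbDevice(0x1234, 0xABCD, "CORP-0001", frozenset({MASS_STORAGE, HID})),
    UsbDevice(0x1234, 0xABCD, "UNKNOWN-77", frozenset({MASS_STORAGE})),
    UsbDevice(0x0BAD, 0x0001, "", frozenset({HID})),
]

if __name__ == "__main__":
    for d in SAMPLE_DEVICES:
        print(f"{d.vid:04x}:{d.pid:04x} serial={d.serial or '-'}:", *evaluate(d))
```

            Descriptor fields are reported by the device itself, so a check like this complements, rather than
            replaces, approved drives whose firmware cannot be modified.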

            Of course, such a policy will also cover off the need for a solid 3-2-1 backup strategy that requires a secure
            offline, off-site backup of all critical data along with a further copy on another medium or in the cloud, for
            disaster recovery should the worst happen regardless.

            Over half of the US and UK organisations we polled in late 2021 revealed that they had lost data due to
            inadequate backup procedures.

            Even government departments can fall prey to such oversight - luckily, our own investigation revealed
            that many also encrypted their data - another key to threat mitigation overall. All data should be encrypted,
            whether in transit or in storage, to ensure that even if information falls into the wrong hands, it cannot be
            accessed.

            Modern software-free, 256-bit AES XTS hardware-encrypted USB drives can therefore play a critical role
            in covering off many critical security and privacy requirements, while maintaining fast, convenient access
            for approved users at all times, wherever they are working.

            Backed up with workforce-wide education - including at management level - around the threat, specifying
            the risks associated with using unsanctioned USBs as well as the role employees must play in countering
            such threats, these measures operate as a strong, effective defence in most circumstances, as part of a
            multi-layered security strategy.






