Caution-Free USB Drives
While attending a recent technology conference in Florida, we were somewhat shocked, bewildered and concerned by the sight of rather plain cardboard boxes positioned near the entrance to the conference tradeshow floor (pictured below) – offering Free USB drives.
The boxes were empty and USB drives are a common giveaway item at tradeshows. However, we couldn’t help but wonder if those who helped themselves to a free drive – had considered the possibility that these drives were loaded with PC crippling malware.
Unfortunately, no one has claimed responsibility and we have no way of knowing if the offer of these drives was simply an act of generosity, a social experiment or a malware trap.
However, our good friends at CompTIA recently published findings of a experiment with striking similarities:
CompTIA Cyber Secure:A Look at Employee Cybersecurity Habits in the Workplace
“Nearly one in five people who found a random USB stick in a public setting proceeded to use the drive in ways that posed cybersecurity risks to their personal devices and information and potentially, that of their employer, a recent experiment conducted on behalf of CompTIA, the IT industry association, revealed.”
“In the experiment, 200 unbranded USB flash drives were left in high-traffic, public locations in Chicago, Cleveland, San Francisco and Washington, D.C. In about one in five instances, the flash drives were picked up and plugged into a device. Users then proceeded to engage in several potentially risky behaviors: opening text files, clicking on unfamiliar web links or sending messages to a listed email address.”
“Notably, consumers’ technology literacy was not a determining factor for whether a USB stick was picked up or not.”
Read more on the CompTIA social experiment here: https://www.comptia.org/resources/cyber-secure-a-look-at-employee-cybersecurity-habits-in-the-workplace?cid=download