Blake Dowling
Usually, cyber threats come in via email, text or phone. We’ve all seen and heard them.
Instances of “click here to verify your info,” “have you seen these pix from last night?” or “please provide your credentials to us” have been coming for years from hackers; people are starting to get pretty good at recognizing these threats.
There is one method of hacking that we have not seen in a while and is making a comeback.
All this month, the FBI is warning about a hack that involves a USB drive loaded with malware.
Like the situation in Florida a couple of years ago with alleged Chinese spy Yujing Zhang, who was caught with several electronic devices including a USB drive. She was caught and apprehended trying to sneak into Mar-a-Lago while then President Donald Trump was visiting. She claimed she was a tourist, which is unlikely, but either way, she is now deported. Did she have a drive she was trying to pass off and get someone to plug in? It would certainly appear so since it appears that one Secret Service agent was actually duped.
You would think this kind of thing would be easy to prevent and spot but the worst breach in the history of our US military went down this way. A foreign intelligence agent did, in fact, use a small USB drive to infect and establish a “digital beachhead” at one of our Middle Eastern bases.
Since that 2008 incident, USB devices are banned from military installations to make sure it does not happen again.
How about at your organization? Are staff allowed to plug in anything they come across? Hopefully not, these attacks are happening now, and one could land on your desk any day.
In this latest threat, there are no intelligence agents knocking on your door trying to infect your network with malware. Instead, cybercriminals are pressing the easy button and mailing the USB drives right to your door.
As you can see from these pictures, a nice decorative box arrives at your office one day and sits on your desk for a while. You finally get around to opening it up — it’s a gift card, letter, or USB drive appearing to be from Amazon (all fake) thanking you for your business.
I get random swag from partners all the time; would someone here fall for this? Would you?
Brief your team now in case they happen to make the mailing list for one of these ransomware gangs. Insert the drive, and some of the most malicious ransomware strains would be deployed in your office.
The FBI references two groups that are possibly involved: BlackMatter and REvil.
As a reminder, this is how it goes down. You insert the drive and WHAM (not the George Michael one), the malicious code freezes all your files and demands payment to unfreeze them.
To be clear, within a few seconds, this malware spreads to everyone in your network. Adding further insult, if you don’t pay the hackers, they threaten to post your files online.
Depending on what line of work you are in, that could make for an extremely bad day.
2022 is in full swing and so are cybercriminals. They will continue to recycle old tricks — like bogus USB drives — and they will also produce some new tricks that we have never seen before.
Be safe out there Florida and happy new year.
___
Blake Dowling is CEO of Aegis Business Technologies and can be reached at [email protected]. He also hosts the Biz & Tech podcast and is the author of “Professionally Distanced,” now available at Amazon.
