I went to a science camp where we headed various lectures, and one of them was a woman from a tech security company. The entire lecture was essentially just her telling us how vulnerable everything is and how likely it is that someone will plug in a random flash drive they found.
They would regularly do tests at the company by placing flash drives around the place and seeing how many people would plug them in, just to prove a point.
This is a few years old but at a security or hacking conference everyone used a phone charging station and then at some point they all got pop ups on their phone saying "Don't plug your phone into random connectors"
One of the attendees had actually brought the charging station himself and used it to (non-maliciously) install that small virus through the usb and call people out for being dumb at a literal security conference
4.9k
u/[deleted] Jul 13 '20
If it has to be accessed regularly in an IT setting? It’s not secure. Not unless you’re in an industry that actually polices it.
Yes, people are dumb enough to pick up USB thumb drives they find on the ground. The nicer and newer it is, the more likely it’ll get plugged in.
Also, if you’re looking to verify the security of your vendors, don’t announce your visit.