Device control

In a recent tweet we highlighted the lack of controls placed on USB devices in organisations across most verticals.

Considering the potential harm that could come from plugging in a USB device, the

lack of controls and visibility of USB device usage present in most business networks is startling. Whether it is masquerading as a keyboard and typing in commands or pretending to be an Ethernet Adaptor and hijacking controls, USB devices do pose a massive threat to business.

There have been many high profile instances of USB device related breaches like the International space station and of course I couldn’t cover this topic without mentioning Stuxnet (the worm that is credited to be the cyber-kinetic weapon that used USBs to propagate onto “air-gapped" networks). Nowadays, with bans either being drafted or placed on certain worldwide brands USB device usage has started to become a compliance issue.

Now, you may think it’s fine we just won’t plug in devices that we aren’t sure of, but this