Have you ever received a package in the mail from a seemingly reputable company containing a USB thumb drive? While I’m sure most of us are aware of the security vulnerability this poses, bad actors are spending significant marketing dollars to fool the population into believing this is a legitimate USB drive. But it’s not what’s visible on the drive, it’s what lies beneath.
This is known as a BadUSB attack; an attack that exploits an inherent vulnerability in USB firmware. Such an attack reprogrammes a USB device, causing it to act as a human interface device (keyboard emulation). Once re-engineered, the USB device is used to discreetly execute commands or run malicious programs, such as on the victim’s computer. This is nothing new – bad actors have been doing this for well over 20 years.
Recently, U.S. based firms have been the target of BadUSB attacks after some unsuspecting employees received envelopes containing a fake gift card, along with a USB thumb drive. The letter instructed recipients to plug the USB drive into a computer to access a list of items the gift card could be used to purchase. However, the USB thumb drive contained a BadUSB and when connected to a computer, the cyberattack was executed.
The FBI issued this alert on January 7, 2022 to be suspicious of unexpected gifts. The alert details how cybercrime groups are loading up USB sticks, and sending them to organisations in two variations. One imitating the U.S. Department of Health and Human Services (HHS) accompanied by letters referencing COVID-19 guidelines enclosed with a USB; and one arriving in a decorative gift box containing a fraudulent thank you letter, counterfeit gift card and a USB. All packages contain USBs which, if plugged into a device, could execute a BadUSB attack and infect the system with a dangerous malware software.
Standing guard against cyberattacks such as this is vital to your business. Cyber criminals do not sleep. They are always looking for, and often find, innovative ways to disrupt businesses, thus effecting revenue and reputation. Educating employees on the do’s and don’ts to protect your data and systems is an ongoing effort. It’s important to understand what data has been compromised, when it was compromised and how it’s affecting your business. Having the right data protection solution in place can help mitigate a cyberattack and eliminate the disruption to your business.
This is where Dell Technologies comes in. We understand that it is important to have a copy of your backup data in an isolated location, separate from your production environment. We recognise the importance to have an immutable copy of your backup data in that isolated location. We also know the importance of utilising intelligence to analyse your immutable copies over time to determine the integrity of your data. We understand that you need confidence in your ability to recover from a cyberattack.
Dell PowerProtect Cyber Recovery will give you that confidence in your ability to recover from a cyberattack through proven technologies, best practices and processes. The Cyber Recovery vault will physically and logically separate your data from your backup data and production environment. This synchronous process is triggered from within the vault by way of a secure air gap that allows only specific data to pass through. Once your data is within the vault, an immutable copy of the data is created to prevent any alteration of the content. Then a forensic analysis is done on the immutable copy to determine the integrity of the data. This intelligent process will crack open your data over time, compare it to the past and determine when and if you have experienced a cyber attack. In the end, Cyber Recovery will give you the last known good backup and allow you to automatically recovery your data, efficiently.
Dell PowerProtect Cyber Recovery will give you peace of mind in helping you secure, protect and recover data in the event of a cyber attack. Cyber attacks continue to evolve, but Dell Technologies continues to evolve to address them through innovative solutions and commitment to help our customers succeed.
Learn more about Dell PowerProtect Cyber Recovery here.
This blog features on Dell Technologies Global and US blog.