The Strongroom

Tech Perspective: How Much Damage could a Rubber Ducky do to Your Business?

15 August 2016

Security

In the dark work of hacking a “rubber ducky” is a tool that looks like any USB drive, which hackers can easily buy off the internet and then program to do almost anything on a computer, once inserted into the USB drive.

For example it could be programmed to:

  1. Disable the anti-virus software installed on a machine, so a predator could then follow up with a virus, or;
  2. Copy passwords and login information to access business networks, or;
  3. Change documents or any other sensitive information, or;
  4. Send an email from your account to any of your contacts.

As it looks like any other USB, there are multiple ways that a hacker could gain access to a computer, including:

  • Placing the USB into an unlocked, unattended computer
  • Leaving it somewhere with a label that sparks curiosity
  • Sending it as a promotional gift
  • Colleague to colleague sharing of USB files

This is one way cyber-criminals can target people within an organisation to steal business data. It is less recognised, and harder to contain than traditional “hacking”, which is targeted at exploiting weakness in technological defences.

The best defence against these sort of malicious attacks is to combine a robust threat protection and detection technologies with an engaging employee awareness and education program.

Both technological and human defences, detection and response programs have to be properly owned and governed to ensure longevity, as cyber-threats will only keep evolving, and business data and IP will only increase in value to you and to cyber-criminals.

We will be hosting an event in October, where three industry experts will provide a step-by-step guide to how your company can adopt best practices to help mitigate the risks associated with cyber-attacks, including rubber duckys. Please get in touch below if you are interested in attending.

Make sense of the new world order. Join us on LinkedIn for news and views that will keep you at the leading edge of cyber security.

Join the Strongroom
Join The Strongroom and get a regular round-up of news and views to keep you up to date with the fast moving world of cyber security.