Hacker News new | past | comments | ask | show | jobs | submit login

Add one more item to the list of things to keep the Chief Security Officer up at night... though I've got to imagine this type of attack is at least a decade old even if it's only becoming well known right now. I've got to wonder if spear-phishers have been able to combine this type of attack with getting someone at a company to buy/accept and plug in some type of electronic novelty device...



Why even bother with a novelty? Send some USBs or even drop a few outside the building. Curiosity is a massive vulnerability


I work close to IT (being software) for a company ~400 people. We were doing a security audit and this is one of the things they tested. USB's were loaded up with curious sounding files that when opened alerted our IT department. It was shocking how many people picked up and used these random USB's they found laying around.


> It was shocking how many people picked up and used these random USB's they found laying around.

"Oh no some one lost their USB stick! I better plug it and try to figure out who so I can return it."


>curious sounding files

You left out the good part, what sort of file names did you use?


settlement_proposal.docx 2019-05-25_bachelor-party.mov GAME_OF_THRONES_S1E06.mp4 salaries.xlsx




Applications are open for YC Winter 2020

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: