You have a valid point, but the problem is also that you cannot safely check the contents of a USB stick on e.g. Windows by default. That is the system's fault, not the user's.
That they plugged it into a corporate network prior to checking elsewhere first is, yes, stupid. And people need to be taught better about things like that - Stuxnet wouldn't have been half the threat if people didn't plug things into business computers without taking precautions. That they plugged it into a computer is not.
That they plugged it into a corporate network prior to checking elsewhere first is, yes, stupid. And people need to be taught better about things like that - Stuxnet wouldn't have been half the threat if people didn't plug things into business computers without taking precautions. That they plugged it into a computer is not.