So in the last video, we learned what USB drop tax are on this video. We're gonna be learning why these attacks are so effective in terms of the human and in terms of the machine.
So why are U S B drop attacks so effective?
Well, the long and short of it is that they work and they work well, unfortunately,
um, the reason being is they rely on the weakest link things and security. And the weakest length is human beings. Unfortunately, people can harden systems and create stronger controls. But humans will always be the weakest length and security.
Now, these attacks play on the humans curiosity.
Uh, if human CIA device laying around that has potential juicy information, people who can't help themselves, and sometimes that's that's a good desire to die, desire to help people to see what's inside, to give it back to the person that may belong to, or maybe a little
more sinister, maybe
a desire just to snoop around the device to see what's on it. Any good information? Um,
now, Attackers, Attackers know this, and the leverage it Attackers will use thes desires to get victims to take these devices
Now they may further play on other human desires on dhe by naming the files that they may need victims to click on, Um,
for example, maybe maybe an attacker wants to leverage victims greed. So once, once the victim has the flash drive and is looking inside, maybe a tackle name a a malicious file like Bitcoin, while information
and Attackers may use other tactics, maybe maybe they'll they'll name something my *** pictures and make it look like it's a picture file. And instead, there's something else on that file,
and this kind of has a secondary, uh,
effect that Attackers are me. Relying, too, is is maybe the victims too embarrassed to admit they looked at that pile, so maybe they won't tell anybody where they work. So another win for the attacker there.
Now we can't really all blame humans. There is some blame to be placed on the machines. These devices get plugged into AA. Lot of times. These devices aren't doing any checking whatsoever on strange USB devices that get plugged in
now. I mean, there are some countermeasures you can scan devices for malware. Aah! Lot of times that's not honor me, though that has to be done by the human controlling the computer.
Now there is some. You can give some credit to certain operating systems such as Windows, these type of future called auto run. So if there was a file in there that was made a certain way, that vile run immediately, once the flash drive was was plugged into a device. Now they have what's called auto play, which
ask the person what they want to do with advice. But that's that's still
bare minimum of what device could do. Um, so all blame can't really be placed on humans, so some some devices have to take some of the blame here.