Organizations sometimes fail to consider the true risks that insiders pose to their cybersecurity. Yet, internal risks are every bit as dangerous and damaging as the external ones, even if there is not malicious intent.
Find out if any of these top 5 insider threats are occouring in your business today!
We Continue our Security Awareness Training by addressing some of the most common challenges for organizations who are now having to protect users, data, and clients while workers connect remotely or at the office to corporate systems.
Our focus will be to help you better understand what Seeding is, what it can do, and how to prevent a malicious seeding event at the office or remote, let’s get started!
What is “Seeding”?
Seeding is a type of social engineering attack often used to launch Malware into a computer or network. Attackers use USB/ “thumb” drives to infect other computers with malware that can detect when the USB drive is plugged into a computer. A tactic that is used is simply dropping or “seeding” these infected drives around office complexes, parking lots, etc. and the allure/ curiosity in this scenario can be deadly to that curious individual who picks it up and plugs into work or home systems. Once an infected device is plugged in the malware in the USB then downloads malicious code onto the drive, this is where the issues begin, and they can be as nasty as anything else out there today!
Another way Seeding occurs is when a user places a clean USB into an (often unknown) infected device. The purpose of using these is to temporarily store and share data, so a user will then take the now infected USB with the stored information and use it on another device… which it then infects.
How can I reduce the risk of falling victim to a Seeding attack?
We all have been told that “curiosity kills the cat” and I’ll admit it is hard to not pick one of these up off the parking lot and try to return or see if it is a good drive. The best way to reduce the risk of a seeding incident is by simply not rolling the dice. Don’t plug in any unknown USB/ Thumb drive into anything! if you are concerned it may have corporate information on it, take it to your technical team to scan the device prior to using.
We hope this has been helpful, please continue to look for our follow up in the Security awareness series with more Recognizing a Cybersecurity threat scenarios, and more!
PCS Managed Services strives to provide a Stable, Secure, and Productive environment for its clients, and is here to help you! For more information, please call us or email us at firstname.lastname@example.org for more information on how we can help better protect your team.