If you find a charging cable or drive on the ground, floor or in general one that you did not purchase from a reputable vendor, then walk away, do not pick it up. Forget you ever saw it. These devices if plugged into a computer can wreak havoc on all computers or devices on the network. Both can allow a hacker to get access to your computer, steal passwords, access bank accounts, install whatever software they want…think malware or cryptolocker type ransom software. Even worse they would be able to infect other computers on your network.
Even worse they would be able to infect other computers on your network.
The rubbery ducky by Hak5 was originally created to save time typing. The inventor was tired of retyping the same commands over and over when he sat in front of a workstation to configure it. The image to the left shows an early version. With modern versions you cannot visually tell the difference when compared a normal USB drive. White hat hackers/penetration testers (the good guys) have been using them for years so they could test a customer’s cyber-security. To purchase one of these it will set you back $50 USD. Others have found much cheaper ways to emulate the rubbery ducky. A simple Google search will list instructions to create your own for a few dollars.
Recently I heard of a USB charging cable that would allow a hacker run commands as if they were sitting in front of your screen. This cable called the O.MG cable has a wi-fi implant which is powered by your computer and let a nearby hacker (down the hallway or in the parking lot) take over your computer. To top it off this cable looks no different than a proper charging cable and it will still charge your phone as expected. Imagine a bad actor walking around your office and swapping your charging cable with his while you leave your office temporarily. Your antivirus or anti-malware will not catch it, your computer will not know the difference and neither will your IT team. You are pnwed.
For more information on cyber-security and how you can keep you and your staff safe, contact TELECO’s sales team at 807-346-7264 or use the Contact us form.
