The new Trojan Horse
Via ComputerWorld, the FBI is investigating mysterious laptops that were sent to several US Governors' offices. It seems nobody ordered the computers, and officials are concerned that this might be an attempt to get malware inside the network security perimeter.
USB flash drives and memory cards are also useful for this type of attack due to the natural inclination to plug it in after you find it.
Criminals have tried to put malware on USB devices and then left them outside company offices, hoping someone would plug them into a computer and inadvertently install malicious software on the network. Many Windows systems are configured to automatically run software included on CDs and USB devices using a Windows feature called AutoRun.
The key to preventing these attacks is to have automated USB security policies in place. Users should be restricted to only company-issued devices that have built-in hardware security features. All other devices should be blocked from company networks using group policy or endpoint security, which can be implemented with Kanguru Remote Management Console.