In a test of network security by New York-based security audit firm Secure Network Technologies at a local credit union, 15 out of 20 scattered USB drives were found and subsequently plugged into computers by employees, The Register reports.According to Steve Stasiukonis, vice president and founder of Secure Network Technologies, the test confirmed that employees play a key role in a company’s security and that many workers still do not understand the danger of USB drives.While many companies focus on malicious viruses and trojans that are e-mail based, the article states that USB keys have become a popular way to sneak data out from companies.Almost 37 percent of businesses surveyed by the Yankee Group in 2005 blamed USB drives for contributing to the disclosure of company information. Nearly two-thirds of the leaks resulted in some disruption to the business units involved, according to the analyst firm. After analysts flagged iPods as a potential threat, corporate security professionals looked at all removal storage with more suspicion, Vladamir Chernavsky, CEO of AdvancedForce InfoSecurity Solutions, told the Register. Yet, because USB drives are easy to use and extremely portable, they have become perhaps the most popular choice for transporting modest amounts of data.The twin lures of curiosity and utility, in the end, make USB drives a powerful Trojan horse, Secure Network Technologies’ Stasiukonis told the Register. “Social engineering is always the easiest way to compromise a network, because people are typically very friendly and trusting,” he said.Compiled by Paul KersteinFor more information on USB drives and iPods, read Attack of the iPods!Keep checking in at our Security Feed for updated news coverage.Or subscribe via RSS. Related content news Chinese state actors behind espionage attacks on Southeast Asian government The distinct groups of activities formed three different clusters, each attributed to a specific APT group. By Shweta Sharma Sep 25, 2023 4 mins Advanced Persistent Threats Advanced Persistent Threats Cyberattacks feature How to pick the best endpoint detection and response solution EDR software has emerged as one of the preeminent tools in the CISO’s arsenal. Here’s what to look for and what to avoid when choosing EDR software. By Linda Rosencrance Sep 25, 2023 10 mins Intrusion Detection Software Security Monitoring Software Data and Information Security feature Top cybersecurity M&A deals for 2023 Fears of recession, rising interest rates, mass tech layoffs, and conservative spending trends are likely to make dealmakers cautious, but an ever-increasing need to defend against bigger and faster attacks will likely keep M&A activity steady in By CSO Staff Sep 22, 2023 24 mins Mergers and Acquisitions Data and Information Security IT Leadership brandpost Unmasking ransomware threat clusters: Why it matters to defenders Similar patterns of behavior among ransomware treat groups can help security teams better understand and prepare for attacks By Joan Goodchild Sep 21, 2023 3 mins Cybercrime Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe