
CAPEC-457: USB Memory Attacks

Abstraction: Detailed
Status: Draft
Likelihood: Low
Severity: High

Description

An adversary loads malicious code onto a USB memory stick in order to infect any system into which the device is plugged. USB drives present a significant security risk for business and government agencies. Given the ability to integrate wireless functionality into a USB stick, it is possible to design malware that not only steals confidential data but also sniffs the network or monitors keystrokes, and then exfiltrates the stolen data off-site via a wireless connection. Also, viruses can be transmitted via the USB interface without the specific use of a memory stick. Attacks from USB devices are often of such sophistication that experts conclude they are not the work of single individuals, but suggest state sponsorship. These attacks can be performed by an adversary with direct access to a target system or can be executed via means such as USB Drop Attacks.

Related weaknesses· 1

CWE-1299

MITRE ATT&CK crosswalk· 2

T1091: Replication Through Removable Media
T1092: Communication Through Removable Media

Related attack patterns· 2

CAPEC-456 (ChildOf)
CAPEC-529 (CanPrecede)

Exploits· 1

Type | Target | Confidence | Tier
Weakness | Missing Protection Mechanism for Alternate Hardware Interface (cwe-1299) | 100% | live

Related to· 2

Type | Target | Confidence | Tier
Technique | Communication Through Removable Media (t1092) | 100% | live
Technique | Replication Through Removable Media (t1091) | 100% | live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CAPEC: Flash Memory Attacks
CAPEC: Malicious Logic Insertion
CAPEC: Infected Memory
Sub-technique: Exfiltration over USB
CAPEC: DEPRECATED: Malware Propagation via USB Stick
CAPEC: Infected Hardware

Sourced from MITRE CAPEC. Curated by Adam Lundqvist, SQUR.