ThreatLocker joins Adam Savage’s Tested
Adam Savage’s Tested explores the intersection of science, pop culture, and emerging technology. In each episode, Savage, a special effects designer, television personality, and educational content creator, invites fellow makers and curious minds into his cave to share ideas and inspiration.
Recently, ThreatLocker CEO Danny Jenkins joined him to investigate everyday tech items and the hidden dangers they possess.
Why Adam Savage won't trust USB keys
A computer isn't always what most people imagine. There are devices that look like an innocent charging cable or USB storage drive but have a full-fledged computer inside them.
This way, they can steal your data and execute code as soon as you plug them in—even if you block USB storage devices. People store their emails, bank information, and tax returns on their computers, and these devices put all of it at risk.
In this episode, Savage and Jenkins, along with Kieran Human, Security Enablement Lead at ThreatLocker, reviewed three different types of common USB devices and how they can silently steal your keystrokes, files, and even screenshots of your computer every minute.
It doesn’t matter what EDR you have, how fast your response time is, or how well you train your employees. It only takes one mistake from one user, and you’re compromised.
The only way to stop this is to enforce Zero Trust controls to account for the user making those mistakes.
Once you do that, it becomes a lot easier to see what you need to do to protect your environment: Only allow what’s needed and block everything else.
For example, don’t let PowerShell access the internet if it doesn’t need to, and don’t let unknown scripts run when the computer starts up.
That said, users should always be wary of any unexpected emails or calls.
AI has made it incredibly easy to make nearly flawless phishing emails or deep fake voice calls of people.
If your IT department tells you to run some code, do not proceed without first confirming through a second line of communication that you’re speaking to the proper people.
And if you find a random USB drive somewhere, heed Adam's advice—plugging it in is like chewing gum you found on the subway. Just don't do it.
Parts 2 and 3 of the series will be available in the coming weeks.
ABOUT THE AUTHOR
Kieran Human is a security enablement lead at ThreatLocker. He holds a Master of Science in Cybersecurity and Privacy from the University of Central Florida, where he focused his thesis on cryptocurrency and cybercrime. Kieran applies his deep technical expertise to solve complex client challenges and lead critical product research. A passionate educator, he shares his insights through technical writing, white papers, and webinars.
