Exercise 2: A Malware Infection

SCENARIO: An employee within your organization used the company’s digital camera for business purposes. In the course of doing so, they took a scenic photograph that they then loaded onto their personal computer by inserting the SD card. The SD card was infected with malware while connected to the employee’s personal computer. When re-inserted into a company machine, it infected the organization’s system with the same malware.
What is your response?
Discussion questions
• Who within the organization would you need to notify?
• How would your organization identify and respond to malware infecting your system through this vector?
  ◦ What is the process for identifying the infection vector?
• What other devices could present similar threats?
• What should management do?
• How can you prevent this from occurring again?
  ◦ Does your organization have training and policies in place to prevent this?
  ◦ Do policies apply to all storage devices?
Processes tested: Detection ability/User awareness
Threat actor: Accidental insider
Asset impacted: Network integrity