Singapore’s Malware Spike Reveals an Overlooked Cyber Risk: USB Drives

e27, Mar 16, 2026

Why It Matters

USB‑borne malware can bypass traditional phishing defenses and quickly compromise entire networks, driving costly downtime and data breaches for enterprises and SMEs alike.

Key Takeaways

  • 3.89M threats blocked in Singapore, up 16.2% YoY.
  • USB drives remain top vector for worms and file viruses.
  • On-device attacks bypass phishing defenses, exploit autorun misconfigurations.
  • Single infected endpoint can compromise entire network.
  • Patch, disable autorun, enforce offline backups to mitigate.

Pulse Analysis

The recent spike in USB‑borne malware in Singapore highlights a blind spot in many organizations’ security strategies. While headlines often focus on cloud breaches and ransomware, Kaspersky’s telemetry shows that removable media continue to deliver worms and file viruses at scale. The 16.2% year‑over‑year rise suggests attackers are capitalising on the lingering trust users place in physical devices, especially in environments where internet access is restricted and data still moves hand‑to‑hand. This old‑school delivery method thrives on simple misconfigurations, such as enabled autorun or outdated endpoint protection, making it a low‑effort, high‑impact threat.

For businesses, the implications are immediate and tangible. A single compromised USB can serve as a foothold for lateral movement, allowing threat actors to harvest credentials, exfiltrate sensitive documents, or deploy ransomware across shared drives. SMEs, which form a substantial portion of Southeast Asia’s digital economy, are particularly vulnerable due to limited security budgets and often lax device‑control policies. The financial fallout extends beyond remediation costs; reputational damage and regulatory penalties can erode customer trust and market position.

Mitigating this risk requires a blend of technical controls and cultural change. Organizations should enforce strict patch management, disable autorun features, and restrict administrative privileges on endpoints. Deploying advanced endpoint detection and response (EDR) solutions can identify anomalous USB activity in real time. Equally important is user education—training staff to treat unknown drives with suspicion and to follow verified data‑transfer procedures. Coupled with isolated, immutable backups, these measures create a resilient defense that neutralises the oldest, yet still potent, cyber‑attack vector.
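
One way to check the "disable autorun" control across a fleet, as an added example that is not part of the original article: it decodes the Windows `NoDriveTypeAutoRun` policy bitmask and lists endpoints where removable, network or optical drives are not covered. It assumes the values were exported from the `Policies\Explorer` key under HKLM and HKCU; the hostnames, sample values and the `REQUIRED` baseline are constructed for illustration.

```python
# Added example: flag endpoints whose autorun policy still allows removable media.
# NoDriveTypeAutoRun is a bitmask; a set bit DISABLES autorun for that drive type.
DRIVE_BITS = {
    "removable": 0x04,
    "fixed": 0x08,
    "network": 0x10,
    "cdrom": 0x20,
    "ramdisk": 0x40,
}
# Drive types this audit requires to be disabled (assumption: a USB-focused baseline).
REQUIRED = ("removable", "network", "cdrom")


def effective_policy(hklm, hkcu):
    """HKLM wins when present; otherwise fall back to HKCU. None = not configured."""
    return hklm if hklm is not None else hkcu


def autorun_allowed(value):
    """Return the drive types for which the policy value leaves autorun enabled."""
    if value is None:
        return list(DRIVE_BITS)  # nothing enforced by policy; the OS default applies
    return [name for name, bit in DRIVE_BITS.items() if not value & bit]


def audit(inventory):
    """Map hostname -> sorted list of required drive types not covered by policy."""
    findings = {}
    for host, vals in inventory.items():
        value = effective_policy(vals.get("hklm"), vals.get("hkcu"))
        gaps = sorted(t for t in autorun_allowed(value) if t in REQUIRED)
        if gaps:
            findings[host] = gaps
    return findings


# Constructed sample inventory (hostnames and values are made up for the example).
SAMPLE = {
    "ws-finance-01": {"hklm": 0xFF, "hkcu": None},  # every drive type disabled
    "ws-lab-07": {"hklm": 0x91, "hkcu": 0xFF},      # weak HKLM value overrides HKCU
    "kiosk-03": {"hklm": None, "hkcu": 0xB5},       # removable, network, cdrom disabled
    "ws-legacy-12": {"hklm": None, "hkcu": None},   # policy never set
}

if __name__ == "__main__":
    for host, gaps in audit(SAMPLE).items():
        print(f"{host}: autorun not disabled by policy for {', '.join(gaps)}")
```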
