THE piece revisits Dark Reading’s history with a 2006 pen test in which thumb drives were planted in a credit union’s parking lot to probe employee behaviour, an experiment that Steve Stasiukonis and his team carried out after coordinating with Tim Wilson and Tim Wilson’s colleagues. According to Dark Reading, the column titled Social Engineering, the USB Way went viral, largely helped by coverage on Slashdot rather than Reddit, and it became an urban legend in social engineering circles.
The interview describes a high success rate, with 15 out of 20 drives seized and plugged in, as employees were curious about what was on the sticks and would insert them into their machines. It also explains how the client’s awareness grew and staff training or policies emerged as a response, marking a shift in understanding of physical security and human factors in cybersecurity.
The discussion touches on how pen testing has evolved, moving from USB sticks to more sophisticated field systems, and it closes with reflections on AI’s impact on social engineering. according to Dark Reading