USB flash drives can often be a threat to your organization as malicious insiders could use them to steal your most sensitive data. Organizations should also be aware that USB drives can also be used to plant malware, such as backdoors and fileless malware.
According to Trend Micro researchers, a recent spate of fileless malware attacks reported in early August that involved a backdoor (BKDR_ANDROM.ETIN) and malicious script were actually planted in target systems via USB flash drives.
To help prevent threats, organizations should disable USB ports (by default), install data loss prevention (DLP) software to prevent sensitive data loss and only allow authorized encrypted USB drives to transfer data securely in limited approved business cases.
Software-based encryption can also be used to encrypt files when stored on removable media. Anti-virus software should also be enabled on systems to immediately scan any connected USB drives for malware.