The suspicious USB sticks have been causing a hacker alarm throughout Flanders since Friday. The VRT program Factcheckers is not aware of any harm and sees it as a socially relevant measure.

Last weekend, the Antwerp public prosecutor’s office issued a press release saying that suspicious USB sticks had been found in several public places. The Antwerp public prosecutor’s office immediately initiated an investigation into the alleged sticks and emphasized that they were criminal offenses. “Distributing USB sticks containing hacking tools is also a criminal offense,” emphasizes the public prosecutor’s office.

According to Gazet van Antwerpen, the VRT program “Factcheckers” appears to be the basis for the suspicious USB sticks. Suspicious USB sticks also appeared at the parent company Mediahuis.

The public prosecutor’s office cannot laugh at the actions of the VRT program. “USB drop is a well-known technique that hackers use to gain access to the network systems of companies or institutions,” said Kristof Aerts, spokesman for the Antwerp public prosecutor’s office.

Since the suspicious sticks seemed to be appearing everywhere in Flanders, nationwide investigations were also launched.

Kristof Aerts, spokesman for the Antwerp public prosecutor’s office

“When you insert the USB stick into your computer, malware is automatically stored on your computer, giving hackers access to your systems. Since the suspicious sticks seemed to be appearing everywhere in Flanders, investigations were also launched nationwide.”

There is no known damage to VRT

The USB sticks appeared in many places, especially public places such as police stations, hospitals and courthouses. “This is a socially relevant action because it highlights a danger that people are not sufficiently aware of,” says VRT spokeswoman Yasmine Van der Borght. According to GvA, the spokeswoman emphasizes that there was no malware on the USB sticks distributed.

“Every IT department can immediately see that this is an educational campaign and that there is no malware involved. The results are also not linked to the places or institutions examined. No location is identified or held responsible in the report. The aim of the awareness campaign is to draw attention to the potential danger for everyone, because everyone is also a potential victim.”

Every IT department can immediately see that this is an educational campaign and that no malware is involved.

Yasmine Van der Borght, VRT spokesperson

Shouldn’t the program makers have informed the public prosecutor’s office and the police beforehand? According to VRT, not because that would jeopardize the investigation.

Little understanding, unjustified

The Antwerp public prosecutor’s office shows little understanding. She points out that raising awareness of the dangers of cybercrime is good, but that it can also be done “in a responsible way”. Now the police and judiciary panicked and even UZ Gasthuisberg is said to have thought about closing its network.

As far as we are concerned, we like the campaign by “Factcheckers”. It might as well have been a fraudulent hacker. Every organization must be prepared to ban USB sticks from the network and implement the necessary configurations. The mass panic now shows that organizations and employees are not ready for this, giving hackers an additional tool to break in digitally.

Hopefully the campaign has already put more people on alert so that the cyber risk has reduced somewhat.