Cybersecurity Reference > Glossary

Rubber Ducky Attack

Definition

ANSWER

A Rubber Ducky Attack is a cyberattack in which a custom USB device emulates a USB keyboard to attack a workstation.

When plugged in, the device immediately begins to imitate a user "typing" a particular set of keystrokes—usually commands or keystrokes designed to perform illicit activity on the target system.

There are few effective defenses against such attacks once the device has been inserted during a login session, particularly since a system can be compromised this way in a matter of seconds, but Plurilock's DEFEND continuous authentication product is among them.

Plurilock DEFEND stops rubber ducky attacks by recognizing almost immediately that the user now "typing" is not the intended account user, since the USB device shares no behavioral characteristics with the intended account user. While the USB device may then continue to try to send keystrokes to the computer, they will be ignored and will do no damage.

Concerned About USB-Based Attacks?

Plurilock's penetration testing services identify vulnerabilities like these before attackers do.

Schedule a Security Assessment → Learn more →

Downloadable References

PDF

Get it now

Sample Governance Policy for AI Use

Sample, shareable addition for employee handbook or company policy library to provide governance for employee AI use.

PDF

Get it now

Establishing Guardrails for AI Whitepaper

Generative AI is exploding, but workplace governance is lagging. Use this whitepaper to help implement guardrails.

PDF

Get it now

Enterprise IT and Cyber Services

Zero trust, data protection, IAM, PKI, penetration testing and offensive security, emergency support, and incident management services.

Schedule a Consultation:
Talk to Plurilock About Your Needs

loading...

Thank you.

A plurilock representative will contact you within one business day.

Contact Plurilock
+1 (888) 776-9234 (Plurilock Toll Free)
+1 (310) 530-8260 (USA)
+1 (613) 526-4945 (Canada)

sales@plurilock.com

Your information is secure and will only be used to communicate about Plurilock and Plurilock services. We do not sell, rent, or share contact information with third parties. See our Privacy Policy for complete details.