The "hidden door" of malware

According to 2025 statistics, Vietnam recorded over 109 million security threats originating from internal devices such as USB drives, external hard drives, and CD/DVDs. Notably, 48.6% of users have faced at least one such attack, making Vietnam the country with the highest risk rate in Southeast Asia and among the top 10 countries globally . These figures highlight a reality: despite increasingly sophisticated online attacks, infection via physical devices remains a major vulnerability that has not been effectively controlled.

The key point is that these threats don't require the internet to operate. Computer worms or file-infecting viruses can hide in USB drives, activate themselves when plugged into a computer, and then spread throughout the internal system. Even environments considered "network-isolated" aren't entirely safe if a device is already infected. A USB drive passing through many machines and users can become a silent gateway for malware to penetrate deeper into the system.

Explaining this situation, Mr. Ngo Tan Vu Khanh - Country Director of Kaspersky in Vietnam, said that a major reason lies in complacency. Users often focus on protecting themselves against risks from the Internet, but pay little attention to risks from internal devices. Meanwhile, devices like USB drives are easily trusted because they are familiar, leading to their use without necessary checks or controls.

In the context of digital transformation, as systems expand and data sharing becomes more flexible, this "hidden door" is increasingly overlooked. A device infected with malware can affect not only a single personal computer but can also spread throughout the entire internal network, causing significant damage to the organization.

Therefore, the security challenge lies not only in defending against external attacks, but also in tightening the internal loopholes. Controlling endpoints, restricting or managing USB usage, updating software, backing up data regularly, and raising user awareness are all necessary measures. In an increasingly complex digital world, sometimes the threat doesn't lie in something distant, but begins with a small, familiar device – yet it can open a whole "hidden door" for malware.