Case Study: Large Hospitality Company Stops BadUSB Attacks with Sepio Hardware Asset Security

Large Hospitality Company - Customer Case Study

A large hospitality company received a phishing letter containing a $50 Best-Buy gift card and a USB thumb drive. When the device was plugged in, it appeared to be a legitimate USB stick but was actually part of a BadUSB attack that impersonated a keyboard to execute malicious commands and download malware, exposing the company to a hardware-based threat that conventional EDR/AV tools would likely miss.

Sepio’s HAC-1 solution was used to provide physical-layer visibility into connected hardware, detect the rogue USB/HID behavior, and block the attack through fingerprinting and machine learning. By identifying the device as suspicious and enabling policy-based mitigation, Sepio helped stop the BadUSB infection path before malware could be installed; the case study does not provide a quantified business impact.