This kind of attack is not new, the new part are the examples of generic devices with hacked firmware to do that. This can be solved easily requesting user autorization before activating any USB device type, for example, before telling the system that there is a new USB network device, ask the user for confirmation. The trick is with input devices, where the new device could be replacing a broken one (keyboard or mouse), the confirmation can be done requesting the user to type a code displayed on screen or using the mouse to use a on screen keyboard in order to accept the input device for general usage. The other problem is with devices permanently attached, assume that any attached device at boot time is trusted, If someone replaced your USB device when you weren't present other more awful things couls have been done.