Yes, that's one of the bad design decisions of USB
Since you can connect "anything" to USB, you can also connect things you don't expect, like ethernet cards, mass storage devices or input devices. Previously Windows didn't actually support USB in any meaningful way, but now since it does, there is some focus on USB security.
Obviously the sane way to go would be to have dedicated ports again. Connect printers and scanners via Ethernet, connect input devices via some sort of overclocked PS/2, and have a special port for mass storage devices. That way you could essentially eliminate all harmful device spoofing...
Of course now some dimwits are saying that "signed USB devices" will save us all. Well first of all I'd like you to acknowledge that the new USB keyboard you just plugged in is the one you actually want to have so it's signature can be stored. Secondly this will probably only be used for vendor lock ins.