Cybersecurity

USB Devices Continue to Pose Major Threat


What do solar and wind farms, chemical plants and even bank ATMs have in common? 

They’re all examples of critical infrastructure run by operational technology (OT), which consists of hardware and software used to operate physical assets, such as industrial equipment in a plant or building management system. OT environments need to take measures to improve their cybersecurity posture, as cyberattacks targeting industrial sites are getting more advanced and more frequent, as Honeywell’s USB Threat Report has shown over the years.

In its sixth year, the USB Threat Report by Honeywell’s Global Analysis, Research and Defense Group examines USB-derived cyber threats. This report focuses specifically on malware found on USB storage devices used to carry files into, out of and in-between industrial facilities, as analyzed by Honeywell’s Secure Media Exchange (SMX) product.  

Here are five takeaways to know from the 2024 USB Threat Report:

This means that they can potentially cause more damage.

Instead of simply exploiting vulnerabilities, many intruders hide and observe operations for some time before launching attacks that leverage the inherent capabilities of the systems.

31% of malware attacks targeted industrial systems and sites, according to the 2024 report. The percentage of targeted malware attacks has been on the rise since 2016, when the report found 16% of malware attacks were industrial-targeted.  

These significant impacts mean that malware could substantially affect industrial operations. Our research indicates 82% of malware is capable of causing disruption to industrial operations, either through loss of view or loss of control.

51% of malware attacks are designed for USB devices, according to 2024 data, which is a nearly six-fold increase from 9% reported in the 2019 report.

For more insights on the state of industrial cybersecurity, check out the full 2024 USB Threat Report here.



Source

Related Articles

Back to top button