Drives and Controls Magazine
Home
Menu
USB devices pose a major cyberthreat to OT systems
Published:  30 May, 2024

Cyberattacks targeting industrial sites are getting more advanced and more frequent according to the latest edition of Honeywell’s annual USB Threat Report. It also shows that more than half (51%) of malware attacks on OT (operational technology) systems are designed to be injected via removable media such as USB memory sticks. The report reveals that the number of targeted attacks via USB devices has increased nearly six-fold from the 9% it recorded in 2019.

The report, produced by Honeywell’s Global Analysis, Research and Defence Group, examines USB-derived cyberthreats. It focuses on malware found on USB memory devices used to carry files into, out of and between industrial facilities. The analysis used Honeywell’s Secure Media Exchange (SMX) tool.

The report reveals that cyberattackers are becoming more sophisticated and now have a good understanding of how industrial environments operate. This means that they can potentially cause more damage.

Other findings are that:

Malware is increasingly targeting industrial facilities. Almost a third (31%) of malware attacks now specifically target industrial systems and sites – almost twice as many as the 16% recorded in 2016.

Malware can cause loss of control, system outages or loss of view, in OT environments.  The research indicates that 82% of malware is capable of disrupting industrial operations, either through a loss of view or loss of control.

Many attackers are using USB devices to establish silent residency in industrial control systems  Instead of simply exploiting vulnerabilities, many intruders hide and observe operations for some time before launching attacks that exploit a system’s capabilities.

Honeywell:  Twitter  LinkedIn  Facebook