-
Global-
Africa
-
Asia Pacific
-
Europe
-
Latin America
-
Middle East
-
North America
- |
- BUSINESSES
- |
- Contact
- |
-
Global
-
Africa
-
Asia Pacific
-
Europe
-
Latin America
-
Middle East
-
North America
- |
- BUSINESSES
- |
- Contact
- |
Cybersecurity in 2024: USB Devices Continue to Pose Major Threat
Protecting critical infrastructure from a cyberattack has never been more important.
What do solar and wind farms, chemical plants and even bank ATMs have in common?
They’re all examples of critical infrastructure run by operational technology (OT), which consists of hardware and software used to operate physical assets, such as industrial equipment in a plant or building management system. OT environments need to take measures to improve their cybersecurity posture, as cyberattacks targeting industrial sites are getting more advanced and more frequent, as Honeywell’s USB Threat Report has shown over the years.
In its sixth year, the USB Threat Report by Honeywell’s Global Analysis, Research and Defense Group examines USB-derived cyber threats. This report focuses specifically on malware found on USB storage devices used to carry files into, out of and in-between industrial facilities, as analyzed by Honeywell’s Secure Media Exchange (SMX) product.
Here are five takeaways to know from the 2024 USB Threat Report:
Cyberattackers are becoming more sophisticated and have a strong understanding of how industrial environments operate.
This means that they can potentially cause more damage.
Many attackers are using USB devices to establish silent residency in industrial control systems.
Instead of simply exploiting vulnerabilities, many intruders hide and observe operations for some time before launching attacks that leverage the inherent capabilities of the systems.
Malware is increasingly targeting systems specifically used by devices in industrial facilities.
31% of malware attacks targeted industrial systems and sites, according to the 2024 report. The percentage of targeted malware attacks has been on the rise since 2016, when the report found 16% of malware attacks were industrial-targeted.
Malware can cause significant impact, such as loss of view, loss of control, or system outages in OT environments.
These significant impacts mean that malware could substantially affect industrial operations. Our research indicates 82% of malware is capable of causing disruption to industrial operations, either through loss of view or loss of control.
Overall, the report found that removable media such as USBs are increasingly used in targeted attack campaigns.
51% of malware attacks are designed for USB devices, according to 2024 data, which is a nearly six-fold increase from 9% reported in the 2019 report.
For more insights on the state of industrial cybersecurity, check out the full 2024 USB Threat Report here.
