USB Devices Pose A Significant Threat To Industrial Facilities

New, first-of-its-kind research released on Thursday by Honeywell shows that removable USB media devices such as flash drives pose a significant and intentional cybersecurity threat to a wide array of industrial process control networks.

Data derived from Honeywell technology used to scan and control USB devices at 50 customer locations showed that nearly half (44%) detected and blocked at least one file with a security issue.

It also revealed that 26% of the detected threats were capable of significant disruption by causing operators to lose visibility or control of their operations.

The threats targeted a wide variety of industrial sites, including refineries, chemical plants and pulp-and-paper manufacturers around the world, and the threats themselves ranged in severity.

About one in six targeted industrial control systems or Internet of Things (IoT) devices.

Eric Knapp, Director of Strategic Innovation at Honeywell Industrial Cyber Security, said, “The data showed much more serious threats than we expected, and taken together, the results indicate that a number of these threats were targeted and intentional.”

“This research confirms what we have suspected for years – USB threats are real for industrial operators. What is surprising is the scope and severity of the threats, many of which can lead to serious and dangerous situations at sites that handle industrial processes.”

The research marks the first commercial report to focus exclusively on USB security in industrial control environments. It examined data collected from Honeywell’s Secure Media Exchange (SMX) technology, which is specifically designed to scan and control removable media, including USB drives.

Among the threats detected were high-profile, well-known issues such as TRITON and Mirai, as well as variants of Stuxnet, an attack type previously leveraged by nation-states to disrupt industrial operations. In comparative tests, up to 11% of the threats discovered were not reliably detected by more traditional anti-malware technology.

“Customers already know these threats exist, but many believe they aren’t the targets of these high-profile attacks,” Knapp said. “This data shows otherwise and underscores the need for advanced systems to detect these threats.”

The research, which is presented in the Honeywell Industrial USB Threat Report, recommends that operators combine people training, process changes, and technical solutions to reduce the risk of USB threats across industrial facilities.

gasworld:

You Might Also Read:

How Hackers Target Critical Infrastructure

What A ‘Cyber 9/11’ Would Look Like

 

« Iran Admits To Being Hit By Cyber Attack
Microsoft Wants To Work with Trump & Congress On Cybersecurity »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

BackupVault

BackupVault

BackupVault is a leading provider of completely automatic, fully encrypted online, cloud backup.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Clayden Law

Clayden Law

Clayden Law are experts in information technology, data privacy and cybersecurity law.

Logicalis

Logicalis

Logicalis are a leading provider of global IT solutions and managed services.

Okta

Okta

Okta is an enterprise-grade identity management service, built from the ground up in the cloud to address the challenges of a cloud-mobile-interconnected world.

Kaspersky Lab

Kaspersky Lab

Kaspersky Lab is one of the world’s largest privately held vendors of endpoint cybersecurity solutions.

Cyber Security For Critical Manufacturing (ManuSec)

Cyber Security For Critical Manufacturing (ManuSec)

Cyber Security For Critical Manufacturing (Manusec) is a global series of summits focusing on Cyber Security for Critical Manufacturing Sectors.

MadSec Security

MadSec Security

MadSec Security is a leading consulting company whose expertise are information and cyber security.

GuardSquare

GuardSquare

GuardSquare is the global reference in mobile application protection. We develop premium software for the protection of mobile applications against reverse engineering and hacking.

CyberCareers.gov

CyberCareers.gov

CyberCareers.gov is a platform for Cybersecurity Job Seekers, Federal Hiring Managers and Supervisors, Current Federal Cybersecurity Employees, Students and Universities.

Stage2Data

Stage2Data

Stage2Data is one of Canada’s most trusted cloud solution providers offering hosted Backup and Disaster Recovery Services.

Labs/02

Labs/02

Labs/02 is a seed-stage incubator with a mission to advance cutting-edge technology in innovative areas including AI, deep learning, autonomous transportation, and smart cities.

C2SEC

C2SEC

C2Sec provides an innovative analytics platform that assesses and quantifies cyber risks in financial terms based on combining patented big data, AI, and cybersecurity technologies.

Infosec Cloud

Infosec Cloud

Infosec Cloud is a specialist Cyber Security company offering fully managed Training & Testing Services in addition to market leading Cyber Security technology and accredited professional services.

Aryaka

Aryaka

Aryaka’s SmartServices offer connectivity, application acceleration, security, cloud networking and insights leveraging global orchestration and provisioning.

Financial Services Information Sharing and Analysis Center (FS-ISAC)

Financial Services Information Sharing and Analysis Center (FS-ISAC)

The Financial Services Information Sharing and Analysis Center is the only global cyber intelligence sharing community solely focused on financial services.

Sotero

Sotero

Sotero is the first cloud-native, zero trust data security platform that consolidates your entire security stack into one easy-to-manage environment.

NXM Labs

NXM Labs

NXM is a leader in a leader in advanced cybersecurity software for connected devices.

Zigrin Security

Zigrin Security

Zigrin Security offer comprehensive, hands-on security testing of internal networks, applications, cloud-based solutions, e-commerce applications and mobile devices.