Honeywell’s latest cybersecurity report reveals increase in USB-borne malware threats
August 19, 2022 by Manufacturing AUTOMATION
Honeywell’s recent cybersecurity report says that USB-borne malware threats are on the rise and continue to be a serious concern. Data from the 2022 Honeywell Industrial Cybersecurity USB Threat Report shows that 52 percent of threats were specifically designed to utilize removable media. It was up from 32 percent in the 2021 report and more than double the 19 percent in 2020. Honeywell explained that the threats designed to use removable media have reached a dangerously high level.
Honeywell is publishing its Industrial Cybersecurity USB Threat Report for the fourth consecutive year. The reports focus on the trend of the continued rise in more potent and more prominent cybersecurity threats.
“This year’s report indicates that adversaries are deliberately leveraging removable media as an initial attack vector to establish remote connectivity, exfiltrate data, and establish command and control,” said Jeff Zindel, vice-president and general manager, Honeywell Connected Enterprise Cybersecurity. “It’s now painfully clear that USB removable media are being used to penetrate industrial/OT environments, and that organizations must adopt formal programs to defend against this type of threat to avoid costly disruptions.”
Sophisticated threats on the rise
Report data shows that threats designed to establish remote access capabilities remained steady at 51 percent. The number of threats designed specifically to target industrial control systems increased from 30 percent to 32 percent. As per the report, current malware is more capable of causing a disruption to industrial control systems. Numbers show a rise to 81 percent compared to 79 percent the previous year.
The Honeywell report is based on aggregated cybersecurity threat data from hundreds of industrial facilities globally during a 12-month period. Along with USB attacks, the research highlights that Trojans remain a top concern. Their potential to cause severe disruption to industrial infrastructure is high, comprising 76 percent of the malware detected.
Honeywell explains that cybersecurity threats to industrial/OT environments are more sophisticated and more frequent than before. Hackers are leveraging USB-borne malware as part of larger cyberattack campaigns. They are taking advantage of USB removable media to circumvent network defences and bypass the air gaps upon which many of these facilities depend upon for protection.