USB devices pose a significant threat to industrial facilities

null

New research has revealed that removable USB media devices such as flash drives pose a significant and intentional cybersecurity threat to a wide array of industrial process control networks.

A report from Honeywell found that nearly half of 40 customer locations detected and blocked at least one file with a security issue. The data also revealed that 26 per cent of the detected threats were capable of significant disruption by causing operators to lose visibility or control of their operations.

The threats detected by Honeywell targeted a wide variety of industrial sites, including refineries, chemical plants and pulp-and-paper manufacturers around the world. They also ranged in severity with 1 in 6 targeting industrial control systems or IoT devices.

USB threats

Director of Strategic Innovation at Honeywell Industrial Cyber Security, Eric Knapp shed further light on the findings of the report, saying:

“The data showed much more serious threats than we expected, and taken together, the results indicate that a number of these threats were targeted and intentional. This research confirms what we have suspected for years – USB threats are real for industrial operators. What is surprising is the scope and severity of the threats, many of which can lead to serious and dangerous situations at sites that handle industrial processes.” 

The research is the first of its kind and marks the first commercial report to focus exclusively on USB security in industrial control environments. By examining data collected from Honeywell's Secure Media Exchange (SMX) technology, the company was able to detect a number of high-profile, well-known issues such as TRITON and Mirai as well as variants of Stuxnet.

To make matters worse, 11 per cent of the threats discovered by the company were not reliably detected by more traditional anti-malware technology.