USB Devices Pose A Significant Threat To Industrial Facilities

Uploaded on 2018-11-09 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Production-Utilities, BUSINESS-Production-Manufacturing, BUSINESS-Production-Energy

New, first-of-its-kind research released on Thursday by Honeywell shows that removable USB media devices such as flash drives pose a significant and intentional cybersecurity threat to a wide array of industrial process control networks.

Data derived from Honeywell technology used to scan and control USB devices at 50 customer locations showed that nearly half (44%) detected and blocked at least one file with a security issue.

It also revealed that 26% of the detected threats were capable of significant disruption by causing operators to lose visibility or control of their operations.

The threats targeted a wide variety of industrial sites, including refineries, chemical plants and pulp-and-paper manufacturers around the world, and the threats themselves ranged in severity.

About one in six targeted industrial control systems or Internet of Things (IoT) devices.

Eric Knapp, Director of Strategic Innovation at Honeywell Industrial Cyber Security, said, “The data showed much more serious threats than we expected, and taken together, the results indicate that a number of these threats were targeted and intentional.”

“This research confirms what we have suspected for years – USB threats are real for industrial operators. What is surprising is the scope and severity of the threats, many of which can lead to serious and dangerous situations at sites that handle industrial processes.”

The research marks the first commercial report to focus exclusively on USB security in industrial control environments. It examined data collected from Honeywell’s Secure Media Exchange (SMX) technology, which is specifically designed to scan and control removable media, including USB drives.

Among the threats detected were high-profile, well-known issues such as TRITON and Mirai, as well as variants of Stuxnet, an attack type previously leveraged by nation-states to disrupt industrial operations. In comparative tests, up to 11% of the threats discovered were not reliably detected by more traditional anti-malware technology.

“Customers already know these threats exist, but many believe they aren’t the targets of these high-profile attacks,” Knapp said. “This data shows otherwise and underscores the need for advanced systems to detect these threats.”

The research, which is presented in the Honeywell Industrial USB Threat Report, recommends that operators combine people training, process changes, and technical solutions to reduce the risk of USB threats across industrial facilities.

gasworld:

You Might Also Read:

How Hackers Target Critical Infrastructure

What A ‘Cyber 9/11’ Would Look Like

 

« Iran Admits To Being Hit By Cyber Attack
Microsoft Wants To Work with Trump & Congress On Cybersecurity »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

edgescan

edgescan

edgescan is a cloud-based continuous vulnerability management and penetration testing solution.

Ezenta

Ezenta

Ezenta is a Danish IT security consulting firm.

ElcomSoft

ElcomSoft

ElcomSoft is a global leader in computer and mobile forensics, IT security and forensic data recovery.

Hardenite

Hardenite

Hardenite solution helps R&D, DevOps and IT teams to continuously manage security risks and hardening efforts of any Linux OS – based product, throughout the product life cycle.

Kippeo Technologies

Kippeo Technologies

Kippeo is a security systems integrator providing innovative solutions that look at all the parameters and connect all the dots.

Cyber Covered

Cyber Covered

Cyber Covered provide complete website & data cover with market leading cyber insurance and powerful compliance software in one affordable package.

bluedog Security Monitoring

bluedog Security Monitoring

Sentinel from bluedog provides powerful and affordable internal network monitoring.

T-REX

T-REX

T-REX is a coworking space, technology incubator, and entrepreneur resource center for technology startups.

BoldCloud

BoldCloud

BoldCloud's award winning Cybersecurity Advisory services and Layered Security approach adds new critical layers of protection for your data and your business.

Network Intelligence

Network Intelligence

Network Intelligence delivers a comprehensive suite of AI-powered cybersecurity solutions built on the ADVISE framework.

VectorRock

VectorRock

Save Your Business From Cyber Criminals. We specialize in uncovering cyber risks which threaten your organization and fixing them.

Gravitee

Gravitee

Gravitee helps organizations manage and secure their entire API lifecycle with solutions for API design, management, security, productization, real-time observability, and more.

Theos Cyber Solutions

Theos Cyber Solutions

Theos Cyber provides service-first cybersecurity solutions to digital businesses in Asia.

PCCW Global

PCCW Global

PCCW Global is a leading communications service provider, offering mobility, voice and data solutions to multinational enterprises, telecomms partners, cloud and application service providers.

Turngate

Turngate

Turngate simplify security investigations so you can see employee activities and entitlements in your enterprise in seconds.

Baidam Solutions

Baidam Solutions

Baidam Solutions is a 100% Australian owned and operated First Nations information technology business.