USB Devices Pose A Significant Threat To Industrial Facilities

Uploaded on 2018-11-09 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Production-Utilities, BUSINESS-Production-Manufacturing, BUSINESS-Production-Energy

New, first-of-its-kind research released on Thursday by Honeywell shows that removable USB media devices such as flash drives pose a significant and intentional cybersecurity threat to a wide array of industrial process control networks.

Data derived from Honeywell technology used to scan and control USB devices at 50 customer locations showed that nearly half (44%) detected and blocked at least one file with a security issue.

It also revealed that 26% of the detected threats were capable of significant disruption by causing operators to lose visibility or control of their operations.

The threats targeted a wide variety of industrial sites, including refineries, chemical plants and pulp-and-paper manufacturers around the world, and the threats themselves ranged in severity.

About one in six targeted industrial control systems or Internet of Things (IoT) devices.

Eric Knapp, Director of Strategic Innovation at Honeywell Industrial Cyber Security, said, “The data showed much more serious threats than we expected, and taken together, the results indicate that a number of these threats were targeted and intentional.”

“This research confirms what we have suspected for years – USB threats are real for industrial operators. What is surprising is the scope and severity of the threats, many of which can lead to serious and dangerous situations at sites that handle industrial processes.”

The research marks the first commercial report to focus exclusively on USB security in industrial control environments. It examined data collected from Honeywell’s Secure Media Exchange (SMX) technology, which is specifically designed to scan and control removable media, including USB drives.

Among the threats detected were high-profile, well-known issues such as TRITON and Mirai, as well as variants of Stuxnet, an attack type previously leveraged by nation-states to disrupt industrial operations. In comparative tests, up to 11% of the threats discovered were not reliably detected by more traditional anti-malware technology.

“Customers already know these threats exist, but many believe they aren’t the targets of these high-profile attacks,” Knapp said. “This data shows otherwise and underscores the need for advanced systems to detect these threats.”

The research, which is presented in the Honeywell Industrial USB Threat Report, recommends that operators combine people training, process changes, and technical solutions to reduce the risk of USB threats across industrial facilities.

gasworld:

You Might Also Read:

How Hackers Target Critical Infrastructure

What A ‘Cyber 9/11’ Would Look Like

 

« Iran Admits To Being Hit By Cyber Attack
Microsoft Wants To Work with Trump & Congress On Cybersecurity »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Zybert Computing

Zybert Computing

Zybert Computing provide server solutions with built-in security and information protection features for the SME market.

CORDIS

CORDIS

CORDIS is the European Commission's primary public repository and portal to disseminate information on all EU-funded research projects and their results.

CYBERPOL

CYBERPOL

CYBERPOL's mission is to facilitate the widest possible mutual assistance between all cyber crime law enforcement authorities to help mitigate global cyber threats.

Lawley Insurance

Lawley Insurance

Lawley is a full-service, independent insurance agency. Specialty insurance products include Cyber Security.

PKWARE

PKWARE

PKWARE is a global leader in business data security, providing encryption and compression solutions to enterprise customers and government entities around the world.

CSO GmbH

CSO GmbH

CSO GmbH provide specialist consultancy services in the area of IT security.

Quadron Cybersecurity Services

Quadron Cybersecurity Services

Quadron Cybersecurity Services is a specialist in digital security, data and system protection.

TruNarrative

TruNarrative

TruNarrative provides a unified solution for Identity Verification, Fraud Detection, eKYC, Risk Assessment, AML Compliance and Account Monitoring.

Global Cyber Security Capacity Centre (GCSCC) - Oxford University

Global Cyber Security Capacity Centre (GCSCC) - Oxford University

GCSCC's work is focused on developing a framework for understanding what works, what doesn’t work and why – across all areas of cybersecurity capacity.

Expel

Expel

Expel provide transparent managed security services, 24x7 detection, response and resilience.

Aligned Technology Solutions (ATS)

Aligned Technology Solutions (ATS)

ATS manage, monitor, and maintain everything from your network and servers to your workstations and mobile devices, and we do it proactively to eliminate downtime and keep hackers at bay.

10dot Cloud Security

10dot Cloud Security

10dot Cloud Security is a security service management company. Our solutions give you contextualised visibility into your network security.

Dataprise

Dataprise

Dataprise is a leading IT managed services provider offering IT Management and Help Desk Support Services, Cloud Services, Information Security Solution, IT Strategy and Consulting.

e5 Lab

e5 Lab

e5 Lab seeks to develop solutions to challenges faced by the shipping industry including digital transformation, autonomous technologies and big data in order to promote safe and efficient operations.

iVision

iVision

iVision is a technology integration and management firm that engineers success for clients through objective recommendations, process and technology expertise and best-of-breed guidance.

Goldilock

Goldilock

Goldilock is redefining how sensitive data, devices, networks and critical infrastructure can be secured.