"How to Protect Your Industrial Facilities from USB-Based Malware"

Honeywell noted in its 2022 Industrial Cybersecurity USB Threat Report that USB storage drives can be used to transport malicious files into and out of industrial facilities. These drives can be used to infect computers with malware or to compromise sensitive data. Threats to Operational Technology (OT) environments have become more prevalent and dangerous. Honeywell's Cybersecurity Global Analysis, Research, and Defense team analyzed USB-based threats detected and blocked by its security engine. The examined devices were actively used in industrial facilities. Since the analysis focused only on detected and recorded malware that was blocked, there were most likely additional threats that were not detected or recorded. Honeywell identified 32 percent of all security threats as being specific to industrial facilities. Ones designed to spread malware via USB devices or exploit USB drives to install malware increased to 52 percent in 2022, up from 37 percent the previous year. The percentage of threats aimed at gaining remote access to the compromised system was 51 percent. At the same time, high-impact security threats capable of causing a loss of control or visibility into an industrial device increased from 79 percent to 81 percent of all visible threats. Honeywell offers recommendations to industrial organizations looking to protect their facilities and OT from USB compromise. These recommendations include establishing a clear USB security policy, reducing the time it takes to remediate a threat, controlling outbound network connectivity from process control networks, and more. This article continues to discuss the possible infection of industrial equipment with USB-borne malware and Honeywell's recommendations for protecting industrial facilities from USB-based malware. 

TechRepublic reports "How to Protect Your Industrial Facilities from USB-Based Malware"