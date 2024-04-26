Critical infrastructure run by operational technology, which consists of hardware and software used to operate physical assets such as industrial equipment or building management system, continue to be target of USB-derived cyber threats, according to the USB Threat Report by Honeywell.

OT environments need to take measures to improve their cybersecurity posture, as cyberattacks targeting industrial sites are getting more advanced and frequent over the years, the report showed.

The report focused specifically on malware found on USB storage devices used to carry files into, out of, and in-between industrial facilities.

According to the research, cyberattackers are becoming more sophisticated and have a strong understanding of how industrial environments operate. This means they can potentially cause more damage.

Many attackers are using USB devices to establish silent residency in industrial control systems. Instead of simply exploiting vulnerabilities, many intruders hide and observe operations for some time before launching attacks that leverage the inherent capabilities of the systems.

Malware is increasingly targeting systems specifically used by devices in industrial facilities. Of the total malware attacks, 31% targeted industrial systems and sites, according to the report. The percentage of targeted malware attacks has been on the rise since 2016, when the report found 16% of malware attacks were industrial-targeted.

Malware can cause significant impact, such as loss of view, loss of control or system outages in the OT environments. These significant impacts mean that malware could substantially affect industrial operations. Honeywell research indicated that 82% of malware is capable of causing disruption to industrial operations, either through loss of view or loss of control.

Overall, the report found that removable media such as USBs are increasingly used in targeted attack campaigns. Over half (51%) of malware attacks are designed for USB devices, according to 2024 data, which is a nearly six-fold increase from 9% reported in the 2019 report.