Why sneakernet is a big cyber threat to industrial networks

Aug. 18, 2022
USB is the three-letter equivalent of a four-letter word when it comes to malware in industrial plants, according to Honeywell's latest examination of threats.

In its latest Industrial Cybersecurity USB Threat Report, Honeywell provides sobering statistics about the growing threat that USB devices pose to industrial plants.

“Malware … is getting more advanced,” the company said when announcing the availability of its latest study. “As people grow more dependent on their devices, malware becomes more disruptive. At industrial facilities, USB removable devices—which aren’t just removable storage, but can also be mouses, keyboards, or network adapters that connect by USB—help people collaborate and share data. Those devices can also pose a major risk to the facilities where they’re used, as many facilities rely on computers to operate machines, pumps, motors, and other physical equipment.”

In the 2022 Industrial Cybersecurity USB Threat Report, Honeywell reveals the following statistics.

  • 52% of threats are specifically designed to use USB removable devices—compared to 37% in 2021 and 19% in 2020.
  • 81% of threats are capable of causing a disruption to operational technology (OT) systems—up from 79% a year ago.
  • 51% of threats are designed to establish remote access or remote control—consistent with 2021 findings.
  • Trojans, which are malware designed to trick you into executing them, account for 76% of threats.

In the report, Honeywell says organizations must establish a clear USB security policy. “Evidence indicates USB removable media is intentionally used as an initial attack vector into industrial control/OT environments,” it states. “As such, technical controls and enforcement must be established to better secure USB media and peripherals.”

The company also pointed out that this year’s study validated a trend that first surfaced in 2021: “The number of threats designed specifically to target industrial control systems also increased slightly year over year, from 30% to 32%, while at the same time the malware was more capable of causing disruption to industrial control systems, up from 79% to 81%.”

You can download the full report here.

Sponsored Recommendations

imVision® - Industry's Leading Automated Infrastructure Management (AIM) Solution

May 29, 2024
It's hard to manage what you can't see. Read more about how you can get visiability into your connected environment.

Adapt to higher fiber counts

May 29, 2024
Learn more on how new innovations help Data Centers adapt to higher fiber counts.

Going the Distance with Copper

May 29, 2024
CommScopes newest SYSTIMAX 2.0 copper solution is ready to run the distanceand then some.