Hackers are increasingly using USB drives to carry out malware attacks on businesses.
Honeywell’s 2022 Industrial Cybersecurity USB Threat Report found that 52% of threats detected on industrial facilities can leverage removable media devices such as USB drives compared to 32 % last year and 19% in 2020.
About 81% of threats have the potential to disrupt operational technology (OT), up from 79% last year.
OT includes hardware and software used in a factory to monitor and control physical devices such as machines.
The report explains that USB removable media allows hackers to circumvent network-level security and bypass air holes, which are used by most modern industrial facilities. Air gapping is a cybersecurity measure used to keep one or more computers isolated from untrusted or unsafe networks or network devices.
According to Honeywell, USB devices are actively used in industrial facilities, which is one of the reasons why research has focused on USB-based threats.
Jeff Zindel, vice president and general manager at Honeywell Connected Enterprise Cybersecurity.
The report also indicates that 51% of USB threats are designed to establish remote access. The number of specially designed threats against industrial control systems (ICS) also increased to 32% from 30% in 2021.
The Honeywell report’s findings are based on aggregated threat data from hundreds of industrial facilities around the world over a 12-month period.
Earlier this year, the Federal Bureau of Investigation (FBI) in the US warned about malicious USB drives being sent to companies using the postal service, hoping that a gullible employee would connect it to a working system and that gives them the opportunity to spread malware. .
The FBI suspects the involvement of FIN7, a notorious cybercriminal group behind the Darkside and BlackMatter ransomware operations.