Industrial control systems are at risk from cyber threats originating from USB devices, according to a report by Honeywell. The study highlights the need for operational technology (OT) environments to enhance their cybersecurity measures in light of the increasing number and sophistication of attacks targeting industrial facilities.
The report specifically focused on malware transmitted via USB storage devices, which are commonly used to transfer files within and between industrial sites. Cyber attackers are becoming increasingly adept at infiltrating industrial environments, using their deep understanding of operations to hide within control systems and lay the groundwork for devastating attacks that exploit the systems’ inherent functionalities.
Industrial-targeted malware attacks have been on the rise, with 31% of total malware attacks specifically targeting these systems and sites in 2024 – a significant increase from 16% in 2016. The damaging effects of malware on OT environments can include disrupting visibility, control or causing system downtime.
Honeywell’s research revealed that a substantial majority (82%) of malware possesses the capability to disrupt industrial operations by interfering with visibility or control mechanisms. Additionally, there is a growing trend of malicious software targeting removable media like USB devices, with malware attacks on USBs accounting for over half (51%) of total attacks in 2024 – a notable surge from the 9% reported in the previous 2019 report.