Removable media like USBs or pen drives continues to be a serious data breach concern for various industries as this year, 52 percent of cyber threats were specifically designed to use such removable media, up from 32 per cent in 2021, a new report claimed. According to the ‘2022 Honeywell Industrial Cybersecurity USB Threat Report,’ the threat of USB-borne malware continues to be a serious concern and the rise shows that the threats designed to use removable media have reached a dangerously high level.
In its fourth year, the report claims that the threats designed to establish remote access capabilities remained steady at 51 percent, while the number of threats designed specifically to target industrial control systems increased slightly year over year.
“Adversaries are deliberately leveraging removable media as an initial attack vector to establish remote connectivity, exfiltrate data, and establish command and control,” said Jeff Zindel, vice president and general manager, Honeywell Connected Enterprise Cybersecurity. “It’s now painfully clear that USB removable media are being used to penetrate industrial/OT environments, and that organizations must adopt formal programs to defend against this type of threat to avoid costly disruptions,” he added.
Along with USB attacks, the research highlights that Trojans remain a top concern because of their potential to cause severe disruption to industrial infrastructure, comprising 76% of the malware detected. The threats attempting to enter industrial/OT environments have continued to increase in sophistication and frequency with USB-borne malware clearly being leveraged as part of larger cyberattack campaigns. Hackers are taking advantage of USB removable media to circumvent network defenses and bypass the air gaps upon which many of these facilities depend upon for protection.