Say it isn’t so…USB’s are Still a Threat to OT Systems

Honeywell just released its USB Threat Report 2020. If your utility uses USB’s in the OT environment, this is a must read report to understand the types of threats Honeywell detected and the potential impact these threats could have on industrial facilities and critical infrastructure.

Key findings from the USB Threat Report 2020 include:

• USB Remains a Top Threat Vector
• USB-Borne Malware: A High-Potency Threat
• High Concentration of USB-Specific Threats
• USB Borne Threats Are More Dangerous Than Ever
• Threat Patterns Appear Unique to OT
• Are USB Borne Threats Targeting OT Systems Directly?
• Improved Hygiene, Higher Risk

USB’s seem so innocuous while being so useful in their utility for easily transferring files, yet it was a USB that carried the first known and most destructive ICS-targeting malware thus far, Stuxnet. Given this capability for destruction, Honeywell suggests that relying on policy updates or people training alone will not suffice for scalable threat prevention – USB security must include technical controls and enforcement. For more highlights, visit Tripwire.