Honeywell Report: USB Drives Pose Significant Security Threat

A new report released by Honeywell Industrial Cyber Security Solutions 
and Services warns that a big threat to industrial process controls can 
come in very small packages — namely, removable USB devices and flash 
drives used to transfer data between and among computers. Honeywell Process Solutions

James R. Dukart

A new report released by Honeywell Industrial Cyber Security Solutions and Services warns that a big threat to industrial process controls can come in very small packages — namely, removable USB devices and flash drives used to transfer data between and among computers.

Data derived from Honeywell technology that scanned USB devices at 50 customer locations showed that nearly half of the scanned devices had at least one file with a security issue. It also revealed that 26 percent of the detected threats were capable of significant disruption by causing operators to lose visibility or control of their operations.
 
The threats targeted a wide variety of industrial sites, including refineries, chemical plants and pulp-and-paper manufacturers around the world, and the threats themselves ranged in severity. About 1 in 6 targeted industrial control systems or Internet of Things (IoT) devices.
 
"The data showed much more serious threats than we expected,”said Eric Knapp, director of strategic innovation, Honeywell Industrial Cyber Security, noting that the testing found a number of the threats were targeted and intentional. "This confirms what we have suspected for years – USB threats are real for industrial operators. What is surprising is the scope and severity of the threats, many of which can lead to serious and dangerous situations at sites that handle industrial processes."
 
The research marks the first commercial report to focus exclusively on USB security in industrial control environments. It examined data collected from Honeywell’s Secure Media Exchange (SMX) technology, designed to scan and control removable media, including USB drives.

Among the threats detected were high-profile, well-known issues such as TRITON and Mirai, as well as variants of Stuxnet, an attack type previously leveraged by nation-states to disrupt industrial operations. In comparative tests, up to 11 percent of the threats discovered were not reliably detected by more traditional anti-malware technology.

"Customers already know these threats exist, but many believe they aren't the targets of these high-profile attacks," Knapp said. "This data shows otherwise, and underscores the need for advanced systems to detect these threats.”

The report recommends that operators combine people training, process changes, and technical solutions to reduce the risk of USB threats across industrial facilities.


Photo courtesy of Honeywell Process Solutions

Newsletters Sign-up
Slide left

Welcome to ElectricSmarts

You're in good company!
More than 225,000 electrical professionals use ElectricSmarts to access our eCatalog of 2 million plus products, the latest new product information, videos, spec sheets and more.
Smart eCat - Fully Interactive Electrical Industry Product Catalogs
Email:
We care about your privacy, see our privacy policy.