USB Malware Still a concern for ICS
The number of cyber threats designed to use USB sticks and other external media devices as launching pads doubled in 2021.79% could be used to disrupt operational technology systems. A research by Honeywell in ICS over a 12 month period says.
USB-borne malware was a serious and expanding business risk with clear indications that removable media has become part of the playbook used by organized and targeted attacks, including ransomware.
Industrial systems mostly are cut off from the internet, external devices like USB drives can provide hackers with a foothold into sensitive networks. USB drives have been known to carry infamous malware strains including Stuxnet and WannaCry.
More than 20 industrial sites located around the world detected malicious files from USB storage devices earlier report indicated. Such attacks are often driven by opportunity and may not indicate that a system was intentionally targeted. Recent industrial attacks, such as those on water suppliers in San Francisco and Florida exploited remote management software using employee credentials.There is a definite rise in the attack against manufacturing and energy utilities. Honeywell was the victim of such an attack earlier this year.
The problem of poor security practices when it comes to external devices extends beyond industry. Safeguards need to be in place for external devices to cut throat the infections.