Rising Threat of USB-Derived Cyber Attacks on Industrial Control Systems: Honeywell’s USB Threat Report Reveals Alarming Trend

Industrial control systems are increasingly becoming targets of cyberattacks, as highlighted in Honeywell’s USB Threat Report. Malware found on USB storage devices is a growing concern, as it is used to transfer files within, to, and from industrial facilities. Cyber attackers are using these devices to secretly infiltrate control systems and observe operations before launching attacks that exploit their capabilities.

According to the report, malware targeting industrial systems has been on the rise since 2016. In fact, 31% of malware attacks were aimed at industrial systems and sites in 2020, marking a significant increase from the 16% reported in 2016. The impact of such attacks can be substantial, leading to loss of visibility, control or system outages that can severely disrupt industrial operations.

Honeywell’s research shows that a majority (82%) of malware is capable of disrupting industrial operations, signaling a significant threat to critical infrastructure. Furthermore, the report reveals that a growing number of targeted attack campaigns use removable media like USB devices. Over half (51%) of malware attacks in 2024 targeted at USB devices, marking an almost six-fold increase from the 9% reported in 2019. This trend underscores the urgent need for OT environments to bolster their cybersecurity defenses against USB-derived cyber threats to safeguard critical infrastructure from potentially devastating attacks.

OT environments need to enhance their cybersecurity measures given the increasing frequency and sophistication of cyberattacks on industrial sites in recent years. The report highlights that malware targeting industrial systems has become a growing concern and emphasizes the need for organizations operating critical infrastructure to take proactive steps to secure their control systems against such threats.

In conclusion, critical infrastructure powered by operational technology remains a target of USB-derived cyber threats as highlighted by Honeywell’s USB Threat Report. Organizations operating critical infrastructure should take proactive steps to secure their control systems against such threats by enhancing their cybersecurity measures and adopting best practices for securing removable media like USB devices.