Why sneakernet is a big cyber threat to industrial networks

Aug. 18, 2022
USB is the three-letter equivalent of a four-letter word when it comes to malware in industrial plants, according to Honeywell's latest examination of threats.

In its latest Industrial Cybersecurity USB Threat Report, Honeywell provides sobering statistics about the growing threat that USB devices pose to industrial plants.

“Malware … is getting more advanced,” the company said when announcing the availability of its latest study. “As people grow more dependent on their devices, malware becomes more disruptive. At industrial facilities, USB removable devices—which aren’t just removable storage, but can also be mouses, keyboards, or network adapters that connect by USB—help people collaborate and share data. Those devices can also pose a major risk to the facilities where they’re used, as many facilities rely on computers to operate machines, pumps, motors, and other physical equipment.”

In the 2022 Industrial Cybersecurity USB Threat Report, Honeywell reveals the following statistics.

  • 52% of threats are specifically designed to use USB removable devices—compared to 37% in 2021 and 19% in 2020.
  • 81% of threats are capable of causing a disruption to operational technology (OT) systems—up from 79% a year ago.
  • 51% of threats are designed to establish remote access or remote control—consistent with 2021 findings.
  • Trojans, which are malware designed to trick you into executing them, account for 76% of threats.

In the report, Honeywell says organizations must establish a clear USB security policy. “Evidence indicates USB removable media is intentionally used as an initial attack vector into industrial control/OT environments,” it states. “As such, technical controls and enforcement must be established to better secure USB media and peripherals.”

The company also pointed out that this year’s study validated a trend that first surfaced in 2021: “The number of threats designed specifically to target industrial control systems also increased slightly year over year, from 30% to 32%, while at the same time the malware was more capable of causing disruption to industrial control systems, up from 79% to 81%.”

You can download the full report here.

Sponsored Recommendations

Cat 6A Frequently Asked Questions

April 29, 2024
At CommScope we know about network change and the importance of getting it right. Conclusion Category 6A cabling and connectivity.

Revolutionize Your Network with Propel Fiber Modules

Oct. 24, 2023
Four sizes of interchangeable Propel fiber modules provide the breadth of capabilities for virtually any configuration.

Elevate Your Network with Propel High-Density Panels

Oct. 24, 2023
Propel Series Sliding Fiber Optic Panels

Constellation™ - Explore power and data products

Oct. 24, 2023
Discover the Essentials for Building Your Power and Data System!