A cybersecurity research carried out by Honeywell reveals removable USB media devices can represent a threat, sometimes intentional, to a wide range of industrial process control networks. Data derived from Honeywell technology used to scan and control USB devices at 50 customer locations showed that nearly half (44 percent) detected and blocked at least one file with a security issue. It also revealed that 26 percent of the detected threats were capable of significant disruption by causing operators to lose visibility or control of their operations.
The threats targeted a wide variety of industrial sites, including refineries, chemical plants and pulp-and-paper manufacturers around the world. About 1 in 6 targeted industrial control systems or Internet of Things (IoT) devices. The research examined data collected from Honeywell’s Secure Media Exchange (SMX) technology, which is specifically designed to scan and control removable media, including USB drives. Among the threats detected were high-profile, well-known issues such as TRITON and Mirai, as well as variants of Stuxnet, an attack type previously leveraged by nation-states to disrupt industrial operations. In comparative tests, up to 11 percent of the threats discovered were not reliably detected by more traditional anti-malware technology.