Honeywell reports USB devices attempting to install malware in critical infrastructures

Nov 05, 2018

Honeywell has released a report that found USB devices to be a security threat to operational networks used in critical infrastructure, utilities, energy, water and manufacturing. Forty-four percent of the facilities in the survey detected and blocked at least one malicious or suspicious file. According to Honeywell, while the volume of malware discovered in this research was small, the risks it represents were high. One in four had the potential to cause a major disruption, including loss of view or loss of control over industrial processes, and 16 percent were targeted specifically against Industrial Control System or Internet of Things systems.

According to industrial security company Indegy, it is not uncommon for an engineer, through the normal maintenance of ICS equipment, to plug in a USB flash drive or other USB device, which could release malware into operational network. Unlike IT networks, industrial networks lack traditional monitoring and security controls. Most devices don’t require authentication, making it difficult to prevent unauthorized access or changes to controllers. Though some security products scan industrial networks for attacks, they would not detect changes made by USB installed malware on the control devices themselves.