The report by Honeywell highlights the growing threat of cyber attacks on critical infrastructure managed by operational technology. Malware transmitted via USB storage devices is a primary concern, as it can cause significant damage to industrial facilities and their control systems.
The study found that malicious software targeting removable media like USB devices accounted for over half of total attacks in 2024, a notable increase from the 9% reported in the previous 2019 report. This trend is particularly concerning as cyber attackers are becoming increasingly adept at infiltrating industrial environments and staying hidden within control systems, laying the groundwork for devastating attacks that exploit system functionalities.
Industrial-targeted malware attacks have also been on the rise, with 31% of total malware attacks specifically targeting these systems and sites. This represents a significant increase from 2016 when such attacks were recorded at just 16%. Malware can have damaging effects on operational technology (OT) environments, including disrupting visibility, control, or causing system downtime.
To enhance cybersecurity measures in OT environments, Honeywell recommends implementing robust security protocols and monitoring systems to detect and prevent malicious activity. It is essential to keep hardware and software up-to-date and train employees on best practices for cybersecurity to minimize the risk of future attacks.
In conclusion, critical infrastructure managed by operational technology remains a prime target for cyber threats originating from USB devices. To mitigate these risks, organizations must stay vigilant and implement robust security measures to protect their industrial facilities from potential harm.