Hackers eyeing USB drives to help circumvent network defences: Honeywell
About 52% of cyberthreats that took place in 2021 were specifically designed to target removable media including CDs, DVDs, Blu-Ray disks, diskettes and USB drives, according to the 2022 Honeywell Industrial Cybersecurity USB Threat Report released on Friday.
The figure was 32% in the previous year and 19% the year before that, indicating removable media-centric threats had reached a dangerously high level, Honeywell said..
“The new report indicates that adversaries are deliberately leveraging removable media as an initial attack vector to establish remote connectivity, exfiltrate data, and establish command and control,” said Jeff Zindel, vice-president and general manager, Honeywell Connected Enterprise Cybersecurity.
According to Honeywell’s study, hackers have been taking advantage of USB removable media to circumvent network defences and bypass the air gaps – a network security measure – upon which many of these facilities depend for protection.
Along with USB attacks, the research also found that ‘trojans’ remained a top concern because of their potential to cause severe disruption to industrial infrastructure, comprising 76% of the malware detected.
The study was based on cybersecurity threat data collected from hundreds of industrial facilities globally, including the ones in India, during calendar year 2021.