Honeywell warns: USB malware attacks evolving in industrial organizations

April 30, 2024
1 min read

TLDR:

  • Honeywell’s annual report warns of increasing sophistication in USB-borne malware targeting industrial organizations.
  • Analysis shows that 31% of detected malware is associated with campaigns targeting industrial systems.

An analysis conducted by Honeywell shows that much of the USB-borne malware targeting industrial organizations can still cause OT disruption. The report, based on data collected by Honeywell’s Global Analysis, Research and Defense (GARD) team, reveals that 31% of detected malware is part of campaigns targeting industrial systems. More than half of the malware targets or spreads via USB drives, with the capability to connect to a remote C&C server. 80% of the malware detected can cause disruptions to operational technology processes. There is a shift towards using living-off-the-land (LotL) strategies to avoid detection and remain persistent. The company has seen an increase in malware targeting Linux platforms and leveraging existing document and scripting functions. The amount of blocked malware has increased by approximately 33% from the previous year. Honeywell warns that known threats are becoming more sophisticated and pose a significant risk to operations.

Latest from Blog

EU push for unified incident report rules

TLDR: The Federation of European Risk Management Associations (FERMA) is urging the EU to harmonize cyber incident reporting requirements ahead of new legislation. Upcoming legislation such as the NIS2 Directive, DORA, and