Download PDF version Contact company
Related Links

Honeywell released its 2024 USB Threat Report, which provides new insight into how “silent residency” is an increasing cyber threat for industrial and critical infrastructure facilities.

In the report, Honeywell highlighted the growing risk of “living off the land” (“LotL”) attacks in which adversaries use USB devices to gain access to industrial control systems to hide and observe operations before launching attacks that evade detection and manipulate the target systems. 

LotL attacks

"Targeted cyber-physical attacks are more than zero-day exploits that take advantage of an unknown or unaddressed vulnerability," said Micheal Ruiz, Vice President of OT cybersecurity for Honeywell. 

He adds, "Instead, they are now also about silent residency – using LotL attacks to wait until there is an opportune moment to turn a system against itself."

Secure Media Exchange

Key findings in the report indicate that adversaries have a strong understanding of industrial environments

In its sixth year, the report underscores the severe risk USB-borne malware poses to industrial and critical infrastructure facilities. Key findings in the report indicate that adversaries have a strong understanding of industrial environments and how they operate. 

According to the report, most of the malware detected on USB devices by Honeywell’s Secure Media Exchange could cause loss of view or loss of control of an industrial process, a potentially catastrophic scenario for operators.

Advanced end-to-end technology

"As digital transformation and automation accelerate, so does the exposure to sophisticated and malicious cyberattacks that can have devastating consequences in terms of reputation, safety, and continuity," said Micheal Ruiz.

He continues, "There are numerous ways a bad actor can infiltrate an OT environment, including through USBs. With Honeywell’s advanced end-to-end technology and deep experience, we partner with our customers to improve their ability to protect their assets and data from these threats."

Additional key findings 

The 2024 report is based on the Honeywell Global Analysis, Research, and Defense (GARD) team’s tracking and analysis of aggregated cybersecurity threat data from hundreds of industrial facilities globally during 12 months. 

Several of the report’s additional key findings included: 

  • USB devices continue to be used as an initial attack vector in industrial environments, as 51% of malware is designed to spread via USB, a nearly six-fold increase from 9% in 2019.
  • Content-based malware, which uses existing documents and scripting functions maliciously, is on the rise, accounting for 20% of malware. 
  • Over 13% of all malware blocked specifically leveraged the inherent capabilities of common documents, such as Word, Excel, and PDF documents. 
  • 82% of malware is capable of disrupting industrial operations, resulting in loss of view, loss of control, or system outages in OT environments.
Download PDF version Download PDF version

Related videos

Enhanced security with S617 video door station

Enhanced security with S617 video door station
DNAKE S-series video door phone

DNAKE S-series video door phone
Install in minutes, no tech required: DNAKE intercom kit IPK04 & IPK05

Install in minutes, no tech required: DNAKE intercom kit IPK04 & IPK05

In case you missed it

Bosch sells security unit to Triton for growth
Bosch sells security unit to Triton for growth

Bosch is selling its Building Technologies division’s product business for security and communications technology to the European investment firm Triton. The transaction enc...

In age of misinformation, SWEAR embeds proof of authenticity into video data
In age of misinformation, SWEAR embeds proof of authenticity into video data

The information age is changing. Today, we are at the center of addressing one of the most critical issues in the digital age: the misinformation age. While most awareness of thi...

Marin Hospital enhances security with eCLIQ access control
Marin Hospital enhances security with eCLIQ access control

The Marin Hospital of Hendaye in the French Basque Country faced common challenges posed by mechanical access control. Challenges faced Relying on mechanical lock-and-key technol...

Featured white papers
Palm vein recognition

Palm vein recognition

Download
The key to unlocking K12 school safety grants

The key to unlocking K12 school safety grants

Download
5 surprising findings from OT vulnerability assessments

5 surprising findings from OT vulnerability assessments

Download
Honeywell GARD USB threat report 2024

Honeywell GARD USB threat report 2024

Download
Selecting the right network video recorder (NVR) for any vertical market

Selecting the right network video recorder (NVR) for any vertical market

Download
Quick poll
What is the most significant challenge facing smart building security today?
More corporate news
Finnish Defence Forces logistic command acquires F-35 fighter avionics and maintenance services from technology company Insta

Finnish Defence Forces logistic command acquires F-35 fighter avionics and maintenance services from technology company Insta
Synectics' latest Synergy release takes incident collaboration beyond the control room

Synectics' latest Synergy release takes incident collaboration beyond the control room
ADT – Knoxville, TN receives TMA Five Diamond Monitoring Center Designation

ADT – Knoxville, TN receives TMA Five Diamond Monitoring Center Designation
Featured products
Hikvision Unveils WonderHub: Revolutionising Interactive Displays for Collaboration

Hikvision Unveils WonderHub: Revolutionising Interactive Displays for Collaboration
Verkada GC31 Cellular Gateway for Seamless Device Connectivity

Verkada GC31 Cellular Gateway for Seamless Device Connectivity
Hikvision AX Hybrid PRO Alarm System For SMB Industrial Facilities

Hikvision AX Hybrid PRO Alarm System For SMB Industrial Facilities