As highlighted in Honeywell’s USB Threat Report, critical infrastructure remains a prime target of cyber threats derived from USB devices. Operational technology (OT) environments, which rely on hardware and software to operate physical assets such as industrial equipment or building management systems, are particularly vulnerable to such attacks.
The report emphasizes the growing sophistication of cyberattacks on industrial sites in recent years. Malware found on USB storage devices used for file transfer within, to and from industrial facilities is a significant threat. Cyber attackers are becoming increasingly adept at exploiting the operations of industrial environments to cause significant damage. Many attackers use USB devices to infiltrate industrial control systems undetected, observing operations before launching attacks that exploit the systems’ capabilities.
One notable trend highlighted in the report is the rising targeting of industrial systems by malware. In fact, 31% of all malware attacks were aimed at industrial systems and sites in 2024, marking a significant increase from 16% in 2016. The impact of malware on OT environments can be substantial, leading to loss of visibility, control or system outages that can severely disrupt industrial operations.
Honeywell’s research shows that a majority (82%) of malware is capable of disrupting industrial operations, signaling a significant threat to critical infrastructure. Furthermore, the report reveals that an increasing number of targeted attack campaigns use removable media like USB devices, with over half (51%) of all malware attacks in 2024 targeted at such devices, marking an almost six-fold increase from the 9% reported in 2019. This trend underscores the urgent need for OT environments to bolster their cybersecurity defenses against USB-derived cyber threats to safeguard critical infrastructure from potentially devastating attacks.
In conclusion, OT environments need to enhance their cybersecurity measures given the increasing frequency and sophistication of cyberattacks on industrial sites in recent years. The growing targeting of industrial systems by malware poses a significant threat to critical infrastructure and highlights the urgent need for OT environments to bolster their defenses against USB-derived cyber threats.
