免费注册 登录 广告服务 | 客服中心


fluketop kollmorgen 抖音 西门子减速电机 德嘉 台达 英威腾 泓格论坛 西门子 我和LOGO!有个约会 FLIR红外热像论坛 【有奖活动】英威腾 “Ni美国国家仪器 “PLC发展趋势大讨论”活动圆满结束 艾睿光电产品体验活动 cc-link图文征集活动 西门子SMART LINE V3
工控论坛首页 工控英语角 → 浏览主题: (异域来风)霍尼韦尔网络安全报告:过去12个月USB对工业的威胁风险增加了一倍
发表新帖 回复该主题
回帖:0个,阅读:211 [上一页] [1] [下一页]
* 帖子主题:


lizy 版主
发表于:2020/7/28 16:16:11
Honeywell Cybersecurity Report: USB threat risk to industrials doubles over last 12 months

In a report released by Honeywell based on cybersecurity threat data collected from hundreds of industrial facilities globally, the severity of threats detected to operational technology (OT) systems has risen by significant amounts over a 12-month period.


The findings from the latest Honeywell Industrial USB Threat Report show that the total amount of threats posed by USB removable media to industrial process control networks remains consistently high, with 45% of locations detecting at least one inbound threat. Over the same time period, the number of threats specifically targeting OT systems nearly doubled from 16 to 28%, while the number of threats capable of causing a loss of view or other major disruption to OT systems more than doubled, from 26 to 59%.

这份最新的《霍尼韦尔工业USB威胁报告》显示,USB可移动媒介对工业过程控制网络构成的威胁总数一直保持较高水平,其中45%的位置检测到至少一个入站威胁。在同一时期,专门针对OT系统的威胁数量几乎翻了一番,从16%增加至28%,而能够对OT系统造成视觉丧失或其他重大破坏的威胁数量翻了一番以上,从26%增至59% 。

The report shows that 1 in 5 of all threats was designed specifically to leverage USB removable media as an attack vector, and more than half the threats were designed to open backdoors, establish persistent remote access or download additional malicious payloads. These findings are indicative of more coordinated attacks, likely attempting to target air-gapped systems used in most industrial control environments and critical infrastructure.


“USB-borne malware continues to be a major risk for industrial operators,” said Eric Knapp, director of Cybersecurity Research and engineering fellow, Honeywell Connected Enterprise, Cybersecurity. “What’s surprising is that we’re seeing a much higher density of significant threats that are more targeted and more dangerous. This isn’t a case of accidental exposure to viruses through USB – it’s a trend of using removable media as part of more deliberate and coordinated attacks.”

“USB传播的恶意软件仍然是工业运营商的主要风险,”霍尼韦尔网络安全公司网络安全研究部主任兼工程研究员Eric Knapp说道。“令人惊讶的是,我们看到的重大威胁密度更高,目标更明确,也更危险。这不是一个通过USB意外感染病毒的案例,而是一种趋势,也就是使用可移动介质作为更加蓄意和协调攻击的一部分。”

The Honeywell Industrial USB Threat Report examines data collected from Honeywell’s Secure Media Exchange (SMX) technology, which is designed to scan and control removable media, including USB drives. As the second most prevalent attack vector into industrial control and automation systems, USB devices play an important role in attacks that target OT systems. In recent years, such attacks have included Disttrack, Duqu, Ekans, Flame, Havex, Industroyer, USBCulprit and others.

To reduce the risk of USB-related threats, Honeywell recommends that organizations implement a blend of OT cybersecurity software products and services such as Honeywell’s Secure Media Exchange (SMX), the Honeywell Forge Cybersecurity Suite, people training and process changes.

为了降低USB相关威胁的风险,霍尼韦尔建议各组织结合OT网络安全软件产品和服务,例如霍尼韦尔的安全媒体交换(SMX)、霍尼韦尔Forge Cybersecurity网络安全套件进行人员培训和流程变更。

SMX provides operators with unprecedented control and visibility into the more secure use of USB technology with the latest in advanced threat detection capability for critical infrastructure and facilities. The Honeywell Forge Cybersecurity Suite can monitor for vulnerabilities such as open ports or the presence of USB security controls to strengthen endpoint and network security, and it helps ensure better cybersecurity compliance.

SMX为操作员提供了前所未有的控制和可视性,使他们能够更安全地使用USB技术,并为关键基础设施和设施提供最新的高级威胁检测功能。霍尼韦尔Forge Cybersecurity网络安全套件可以监视漏洞,例如开放端口或USB安全控制的存在,以增强端点和网络安全性,并帮助确保更好的网络安全合规性。

关于我们 | 联系我们 | 广告服务 | 本站动态 | 友情链接 | 法律声明 | 非法和不良信息举报

版权所有 工控网 Copyright©2021, All Rights Reserved