What Causes the Majority of Cybersecurity Threats

    Cybersecurity threats stemming from USB devices continue to gain prominence and potency

    Cybersecurity threats aren’t going anywhere as we rely more on technology in business and our personal lives.

    In fact, malware, or software designed with the intent do something malicious, is getting more advanced. As people grow more dependent on their devices, malware becomes more disruptive.

    At industrial facilities, USB removable devices – which aren’t just removable storage, but can also be mouses, keyboards or network adapters that connect by USB – help people collaborate and share data.

    Those devices can also pose a major risk to the facilities where they’re used, as many facilities rely on computers to operate machines, pumps, motors and other physical equipment.

    For the fourth year, we’re sharing the findings we aggregated based on cybersecurity threat data from hundreds of industrial facilities globally over a 12-month period that went through Honeywell’s USB security platform, the Secure Media Exchange (SMX). 

    Here's what to know from the 2022 Industrial Cybersecurity USB Threat Report.

    52% of threats are specifically designed to utilize USB removable devices.

    That’s compared to 37% in 2021, and almost triple from 19% in the 2020 report.

    81% of threats are capable of causing a disruption to Operational Technology (OT) systems, the underlying technology used to control industrial environments.

    That’s up from 79% in the 2021 report.

    Trojans – malware designed to trick you into executing it – account for 76% of threats.

    Typically, a trojan disguises itself as a legitimate software to get you to download or take action, or it embeds malicious code into everyday documents.

    51% of threats are designed to establish remote access or remote control.

    This remains consistent with 2021, but the threat level remains high, according to this year’s report.

    Download this year's Honeywell Industrial Cybersecurity USB Threat Report and learn more about the cyber threats facing businesses, as well as how to detect threats earlier and respond to incidents faster.

    While this report is based on aggregated data from Honeywell Forge SMX and is fully anonymized, the findings represent consolidated views into the collective data set, and sample set findings are interpreted in light of impact upon the larger sample set. Industries represented include all critical infrastructure sectors defined by the Cybersecurity & Infrastructure Security Agency (CISA).