Honeywell’s 2024 GARD USB Threat Report analyzes malware discovered on USB devices used in industrial settings, highlighting a significant increase in malware prevalence, with a 33% rise in detections compared to the prior year.  The malware poses a serious threat to operational technology (OT) systems, with 26% capable of causing major disruptions like loss of control or data visibility, and also identifies a growing trend of targeted attacks specifically designed to exploit industrial control systems (ICS) and Internet of Things (IoT) devices.  The findings underscore the critical need for robust USB security measures to protect critical infrastructure from cyberattacks, while an industrial cybersecurity report analyzing data from various OT facilities worldwide reveals a concerning rise in USB-based threats.  Attackers are exploiting USB devices to circumvent network defenses, infiltrate systems undetected, steal sensitive information, maintain long-term access, and ultimately disrupt or sabotage industrial operations, which underscores the critical need for robust USB security measures within OT environments.  It analyzes a six-year trend of increasing sophistication in USB-borne malware targeting industrial control systems by identifying a rise in the prevalence and impact of these attacks, including malware designed to exploit process control vulnerabilities.  The most common malware types used in USB attacks, along with their technical tactics for infecting systems, executing malicious code, and spreading across networks via removable media, have been reported.  Adversaries are increasingly turning to “living off the land” (LOL) tactics in cyber-physical attacks, which involve exploiting legitimate tools and functionalities within a system to achieve malicious goals, posing a significant challenge as they bypass traditional security measures.  Document Integrate ANY.RUN in Your Company for Effective Malware Analysis Are you from SOC, Threat Research, or DFIR departments? If so, you can join an online community of 400,000 independent security researchers:

Source: GBHackers