霍尼韦尔网络安全报告:过去12个月USB对工业的威胁风险增加了一倍
2020-07-28 16:14 来源:翻译
Honeywell Cybersecurity Report: USB threat risk to industrials doubles over last 12 months
霍尼韦尔网络安全报告:过去12个月USB对工业的威胁风险增加了一倍
In a report released by Honeywell based on cybersecurity threat data collected from hundreds of industrial facilities globally, the severity of threats detected to operational technology (OT) systems has risen by significant amounts over a 12-month period.
霍尼韦尔根据从全球数百个工业设施收集的网络安全威胁数据发布的一份报告显示,在12个月的时间里,对运营技术(OT)系统检测到的威胁的严重性已大幅上升。
The findings from the latest Honeywell Industrial USB Threat Report show that the total amount of threats posed by USB removable media to industrial process control networks remains consistently high, with 45% of locations detecting at least one inbound threat. Over the same time period, the number of threats specifically targeting OT systems nearly doubled from 16 to 28%, while the number of threats capable of causing a loss of view or other major disruption to OT systems more than doubled, from 26 to 59%.
这份最新的《霍尼韦尔工业USB威胁报告》显示,USB可移动媒介对工业过程控制网络构成的威胁总数一直保持较高水平,其中45%的位置检测到至少一个入站威胁。在同一时期,专门针对OT系统的威胁数量几乎翻了一番,从16%增加至28%,而能够对OT系统造成视觉丧失或其他重大破坏的威胁数量翻了一番以上,从26%增至59% 。
The report shows that 1 in 5 of all threats was designed specifically to leverage USB removable media as an attack vector, and more than half the threats were designed to open backdoors, establish persistent remote access or download additional malicious payloads. These findings are indicative of more coordinated attacks, likely attempting to target air-gapped systems used in most industrial control environments and critical infrastructure.
该报告显示,五分之一的威胁是专门设计为利用USB作为攻击媒介,而超过一半的威胁则设计为打开后门、建立持久的远程访问或下载其他恶意负载。这些发现表明存在更多的协同攻击,可能试图针对大多数工业控制环境和关键基础设施中使用的气隙系统。
“USB-borne malware continues to be a major risk for industrial operators,” said Eric Knapp, director of Cybersecurity Research and engineering fellow, Honeywell Connected Enterprise, Cybersecurity. “What’s surprising is that we’re seeing a much higher density of significant threats that are more targeted and more dangerous. This isn’t a case of accidental exposure to viruses through USB – it’s a trend of using removable media as part of more deliberate and coordinated attacks.”
“USB传播的恶意软件仍然是工业运营商的主要风险,”霍尼韦尔网络安全公司网络安全研究部主任兼工程研究员Eric Knapp说道。“令人惊讶的是,我们看到的重大威胁密度更高,目标更明确,也更危险。这不是一个通过USB意外感染病毒的案例,而是一种趋势,也就是使用可移动介质作为更加蓄意和协调攻击的一部分。”
The Honeywell Industrial USB Threat Report examines data collected from Honeywell’s Secure Media Exchange (SMX) technology, which is designed to scan and control removable media, including USB drives. As the second most prevalent attack vector into industrial control and automation systems, USB devices play an important role in attacks that target OT systems. In recent years, such attacks have included Disttrack, Duqu, Ekans, Flame, Havex, Industroyer, USBCulprit and others.
《霍尼韦尔工业USB威胁报告》检查了从霍尼韦尔安全媒体交换(SMX)技术收集的数据,该技术旨在扫描和控制包括USB驱动器在内的可移动媒体。作为工业控制和自动化系统中第二大最普遍的攻击媒介,USB设备在针对OT系统的攻击中扮演着重要角色。近年来,此类攻击包括Disttrack、Duqu、Ekans、Flame、Havex、Industroyer、USBCulprit等。
To reduce the risk of USB-related threats, Honeywell recommends that organizations implement a blend of OT cybersecurity software products and services such as Honeywell’s Secure Media Exchange (SMX), the Honeywell Forge Cybersecurity Suite, people training and process changes.
为了降低USB相关威胁的风险,霍尼韦尔建议各组织结合OT网络安全软件产品和服务,例如霍尼韦尔的安全媒体交换(SMX)、霍尼韦尔Forge Cybersecurity网络安全套件进行人员培训和流程变更。
SMX provides operators with unprecedented control and visibility into the more secure use of USB technology with the latest in advanced threat detection capability for critical infrastructure and facilities. The Honeywell Forge Cybersecurity Suite can monitor for vulnerabilities such as open ports or the presence of USB security controls to strengthen endpoint and network security, and it helps ensure better cybersecurity compliance.
SMX为操作员提供了前所未有的控制和可视性,使他们能够更安全地使用USB技术,并为关键基础设施和设施提供最新的高级威胁检测功能。霍尼韦尔Forge Cybersecurity网络安全套件可以监视漏洞,例如开放端口或USB安全控制的存在,以增强端点和网络安全性,并帮助确保更好的网络安全合规性。