Honeywell Report Reveals "Silent Residency" Is Driving Escalating Cyber Threat for Industrial and Critical Infrastructure Facilities
Honeywell Report Reveals "Silent Residency" Is Driving Escalating Cyber Threat for Industrial and Critical Infrastructure Facilities
ATLANTA, April 30, 2024 /PRNewswire/ -- Honeywell (NASDAQ: HON) today released its 2024 USB Threat Report, which provides new insight into how "silent residency" is an increasing cyber threat for industrial and critical infrastructure facilities. In the report, Honeywell highlighted the growing risk of "living off the land" ("LotL") attacks in which adversaries use USB devices to gain access to industrial control systems in order to hide and observe operations before launching attacks that evade detection and manipulate the target systems.
亞特蘭大,2024年4月30日 /PRNewswire/ — 霍尼韋爾(納斯達克股票代碼:HON)今天發佈了其2024年USB威脅報告,該報告對 “靜默居住” 如何對工業和關鍵基礎設施構成日益嚴重的網絡威脅提供了新的見解。霍尼韋爾在報告中強調了 “離地生活”(“LoTL”)攻擊的風險越來越大,在這種攻擊中,對手使用USB設備獲取工業控制系統的訪問權限,以便在發動逃避偵測和操縱目標系統的攻擊之前隱藏和觀察操作。
"Targeted cyber-physical attacks are more than zero-day exploits that take advantage of an unknown or unaddressed vulnerability. Instead, they are now also about silent residency – using LotL attacks to wait until there is an opportune moment to turn a system against itself," said Michael Ruiz, vice president of OT cybersecurity for Honeywell.
“有針對性的網絡物理攻擊不僅僅是利用未知或未解決的漏洞的零日漏洞。相反,他們現在也在談論靜默居留——利用LotL攻擊等到合適的時機使系統自相矛盾。” 霍尼韋爾OT網絡安全副總裁邁克爾·魯伊斯說。
Now in its sixth year, the report underscores the severe risk USB-borne malware poses to industrial and critical infrastructure facilities. Key findings in the report indicate that adversaries now have a strong understanding of industrial environments and how they operate. According to the report, most of the malware detected on USB devices by Honeywell's Secure Media Exchange could cause loss of view or loss of control of an industrial process, a potentially catastrophic scenario for operators.
該報告現已進入第六個年頭,強調了USB攜帶的惡意軟件對工業和關鍵基礎設施構成的嚴重風險。報告中的主要發現表明,對手現在對工業環境及其運作方式有了深刻的了解。根據該報告,霍尼韋爾的Secure Media Exchange在USB設備上檢測到的大多數惡意軟件都可能導致工業過程失控或失去對工業過程的控制,這對於運營商來說可能是災難性的情況。
"As digital transformation and automation accelerate, so does the exposure to sophisticated and malicious cyberattacks that can have devastating consequences in terms of reputation, safety and continuity," said Ruiz. "There are numerous ways a bad actor can infiltrate an OT environment, including through USBs. With Honeywell's advanced end-to-end technology and deep experience, we partner with our customers to improve their ability to protect their assets and data from these threats."
魯伊斯說:“隨着數字化轉型和自動化的加速,複雜和惡意的網絡攻擊也隨之加速,這些攻擊可能會對聲譽、安全和連續性造成毀滅性後果。”“不良行爲者可以通過多種方式滲透到OT環境中,包括通過USB。憑藉霍尼韋爾先進的端到端技術和深厚的經驗,我們與客戶合作,提高他們保護資產和數據免受這些威脅的能力。”
The 2024 report is based on the Honeywell Global Analysis, Research and Defense (GARD) team's tracking and analysis of aggregated cybersecurity threat data from hundreds of industrial facilities globally during a 12-month period.
2024年的報告基於霍尼韋爾全球分析、研究和防禦(GARD)團隊對12個月內來自全球數百個工業設施的彙總網絡安全威脅數據的跟蹤和分析。
Several of the report's additional key findings included:
該報告的其他幾項主要發現包括:
- USB devices continue to be used as an initial attack vector into industrial environments, as 51% of malware is designed to spread via USB, a nearly six-fold increase from 9% in 2019.
- Content-based malware, which uses existing documents and scripting functions maliciously, is on the rise, accounting for 20% of malware.
- Over 13% of all malware blocked specifically leveraged the inherent capabilities of common documents, such as Word, Excel and PDF documents.
- 82% of malware is capable of causing disruption to industrial operations, resulting in loss of view, loss of control, or system outages in OT environments.
- USB 設備繼續被用作工業環境的初始攻擊載體,因爲 51% 的惡意軟件設計爲通過USB傳播,較2019年的9%增長了近六倍。
- 惡意使用現有文檔和腳本功能的基於內容的惡意軟件呈上升趨勢,原因是 20% 的惡意軟件。
- 結束了 13% 在所有被攔截的惡意軟件中,特別利用了常見文檔(例如Word、Excel和PDF文檔)的固有功能。
- 82% 的惡意軟件能夠導致工業運營中斷,從而導致 OT 環境中的視線喪失、控制失控或系統中斷。
To download the full report, visit:
要下載完整報告,請訪問:
About Honeywell
關於霍尼韋爾
Honeywell is an integrated operating company serving a broad range of industries and geographies around the world. Our business is aligned with three powerful megatrends – automation, the future of aviation and energy transition – underpinned by our Honeywell Accelerator operating system and Honeywell Connected Enterprise integrated software platform. As a trusted partner, we help organizations solve the world's toughest, most complex challenges, providing actionable solutions and innovations through our Aerospace Technologies, Industrial Automation, Building Automation and Energy and Sustainability Solutions business segments that help make the world smarter, safer and more sustainable. For more news and information on Honeywell, please visit .
霍尼韋爾是一家綜合運營公司,爲全球廣泛的行業和地區提供服務。我們的業務與三個強大的大趨勢——自動化、航空的未來和能源轉型——保持一致,這些趨勢以我們的霍尼韋爾加速器操作系統和霍尼韋爾互聯企業集成軟件平台爲支撐。作爲值得信賴的合作伙伴,我們通過我們的航空航天技術、工業自動化、樓宇自動化以及能源和可持續發展解決方案業務板塊幫助組織解決世界上最艱鉅、最複雜的挑戰,提供切實可行的解決方案和創新,幫助世界變得更智能、更安全、更可持續。有關霍尼韋爾的更多新聞和信息,請訪問。
Contact:
Jennifer Marsh
[email protected]
聯繫人:
詹妮弗馬什
[電子郵件保護]
SOURCE Honeywell International, Inc.
來源 Honeywell 國際公司
譯文內容由第三人軟體翻譯。