The humble USB device has been a tool of portability and convenience when it comes to transferring files, however there are also major security implications as they are shared from one computer to another.
In industrial control systems, USB devices and malware hiding within them were the second-biggest threat to systems last year, according to research by BSI publications.
Uncontrolled USB devices, initially used by employees and contractors to patch, update and exchange data, have played parts in taking down power plants and turbine control workstations.
Industrial cybersecurity provider Honeywell Process Solutions (HPS) has recognised the need for better security against USB-borne threats and has developed a new Secure Media Exchange (SMX) solution.
Eric Knapp, HPS’ cyber security chief engineer, says hundreds or thousands of contractors could be on site every day.
“Many, if not most, of those rely on USB-removable media to get their jobs done. Plants need solutions that let people work efficiently, but also don’t compromise cyber security and, with it, industrial safety,” he says.
The company states that many plants outright ban USB devices or use traditional malware scanning solutions. However, those methods don’t protect against the latest threats and don’t address targeted or zero-day threats.
Honeywell developed its SMX application in conjunction with cybersecurity experts and User Group customers, the company states.
“For most plants, the proliferation of removable media and USB devices is unavoidable, but the security risks they bring don’t have to be. We know our customers have limited resources to maintain another system, so Honeywell manages SMX for them. SMX never connects to our customers’ process control networks. From a system administration perspective, it’s like it’s not even there,” Knapp explains.
Users plug in their USB device through an SMX Intelligence Gateway. The gateway then analyses the device for threats. In addition, customers can also use SMX client software to control when and where USB devices are mounted.
Honeywell also partners with Microsoft, Intel Security and Palo Alto Networks to continue developing industrial threat detection techniques.