April 30, 2024 at 01:37PM
Industrial cyber attackers are increasingly utilizing USB devices to breach operational technology (OT) networks, employing old malware and vulnerabilities. USBs enable attackers to cross air gaps that separate OT and IT networks, making them an effective threat vector. Defenses against these threats include strict USB policies, scanning stations, and file transfer systems.
Based on the meeting notes, here are the key takeaways:
– Industrial cyberattackers are increasingly using USB devices to penetrate operational technology (OT) networks.
– Attackers leverage old malware and vulnerabilities to achieve their goals in industrial networks.
– USBs are favored due to their ability to bridge air gaps, making them a valuable tool for breaching separated OT and IT networks.
– The use of USBs for cyber threats to industry has increased significantly, from 9% in 2019 to over 50% in 2022.
– Once across the air gap, attackers use “living-off-the-land” tactics for data collection, defense evasion, and privilege escalation, without relying on novel malware or vulnerabilities.
– Commonly exploited vulnerabilities in USB attacks are dated, and the focus is often on disruption or destruction of OT systems.
– Defending against USB threats requires strict USB policies and procedures, along with technology for scanning and checking removable media.
– Organizations are increasingly focusing on managing and securing USB devices, recognizing the significant threat they can pose to industrial networks.
Please let me know if you need further details on any specific aspect of the meeting notes.