Hackers are getting smarter, and even with advanced operating and security technology, they know your weak spot: your people.
The highly connected nature of manufacturing and engineering companies, and increasingly complex networks, means that vulnerability and risk are higher than in other sectors. Partitioning OT and machinery from your network with an air gap isn’t an effective measure against USB cyber attacks. In 2019, half of manufacturers fell victim to a data breach, 11% of which were “major.”
It’s amazing that something as small as a USB device could destroy your factory. In the wrong hands, it can steal critical data, deliver malware and lead to dangerous situations on industrial sites. In 2009, a worker inserted a USB infected with the Stuxnet worm into the Natanz control system, smuggled on site by an Iranian double agent working for Israel. Equipment was destroyed and the Iranian nuclear program was delayed – all because of a USB.
What do cyber attackers want? The goal could be to steal data, hijack computers, hold your production line hostage for a ransom, or paralyze business operations – for money, sport, revenge, or even competitive advantage. It can be months before a data breach is discovered and by then, damage can be irreparable.
Refineries, chemical plants and manufacturing companies around the world are at risk from threats including variants of Stuxnet, TRITON, and Mirai. In 2020, the number of threats targeting OT systems nearly doubled from 16 to 28%. 44% of locations detected and blocked at least one threatening file, and 26% of these were capable of significant disruption to operations and critical infrastructure.
1 in 5 threats were specifically designed to leverage USB devices as an attack vector, to open backdoors, establish remote access or download malware. Attacks are getting more co–ordinated and what’s worse, up to 11% of threats were not reliably detected by traditional anti–malware technology.
Cyber security measures need to cover employee behavior. With the KUB on site, you can enforce the regular cleaning of all company and personal USB devices used by employees, suppliers and contractors. The KUB will help you to reduce risks of BYOD, ensure compliance, and educate your workforce in cybersecurity.