To help industrial sites protect against cyber threats, Honeywell has introduced the Secure Media Exchange (SMX), which provides simple, multi-layered protection by letting users check their devices. For example, they can check in a USB by plugging it into an SMX Intelligence Gateway to analyse and secure the entire drive or specific files.
USB malware has taken power plants offline, downed turbine control workstations, and caused raw sewage floods. In fact, malware spread through USBs, short for Universal Serial Bus, was the second leading threat risk to industrial control systems in 2016, according to BSI publications.
The SMX software can be installed on a plant’s Windows systems where it can control which USB devices are allowed to connect, prevent unverified USB removable media drives from being mounted, and stop unverified files from being accessed. SMX also keeps a log of USB connectivity and file access, providing essential auditing capabilities in the event of a security breach.
The simplicity and ubiquity of USBs make them one of the most difficult tools to manage at industrial sites. Currently, many plants either ban USBs, which is hard to enforce and reduces productivity, or rely on traditional malware scanning solutions, which are difficult to maintain in an industrial control facility and provide limited protection. These options don’t protect process control networks against the latest threats, nor do they offer any way to handle targeted attacks.
“Industrial operators often have hundreds or thousands of employees and dozens of contractors on site every day,” said Eric Knapp, Cybersecurity chief engineer, Honeywell Process Solutions. “Many, if not most, of those rely on USB-removable media to get their jobs done. Plants need solutions that let people work efficiently, but also don’t compromise cyber security and—with it—industrial safety.”