Honeywell (NYSE: HON) today announced the latest release of Secure Media Exchange (SMX), a cybersecurity solution to protect industrial operators against new and emerging Universal Serial Bus (USB) threats. SMX now includes patent pending capabilities to protect against a broad range of malicious USB device attacks, which disrupt operations through misuse of legitimate USB functions or unauthorized device actions. These advanced protections complement additional SMX enhancements to malware detection, utilizing machine learning and artificial intelligence (AI) to improve detection by up to 40 percent above traditional anti-virus solutions according to a Honeywell study. Together, these updates to the SMX platform deliver comprehensive, enterprise-wide USB protection, visibility and control to meet the demanding physical requirements of industrial environments.
USB devices include flash drives and charging cables, as well as many other USB-attached devices. They represent a primary attack vector into industrial control system (ICS) environments, and existing security controls typically focus on the detection of malware on these USBs. While important, research shows an emerging trend toward new categories of USB threats that manipulate the capabilities of the device standard to circumvent traditional security controls and directly attack ICS. Categorically, these malicious USB device attacks represent 75 percent of today’s known USB attack types, a clear indication of the shift toward new attack methodologies. Because these attacks can weaponize common USB peripherals — like keyboards, speakers — effective protection requires sophisticated device validation and authorization.
“Malicious USB attacks are increasingly sinister in their ability to emulate, exploit and manipulate USB devices, often causing damage and operational outages,” said Sam Wilson, global product marketing manager, Honeywell Industrial Cybersecurity. “Honeywell is the first to deliver a powerful industrial cybersecurity solution to protect against malicious USB device attacks, which represent the majority of USB threat types and advanced malware. And as USB usage increases and devices proliferate, human verification of device actions will continue to play an important role.”
SMX protection includes Honeywell’s innovative Trusted Response User Substantiation Technology (TRUST), which introduces a human validation and authentication step to ensure that USB devices are what they claim to be. TRUST helps prevent unwanted or suspicious devices from introducing new threats into the industrial control environment. In the case of USB storage devices, additional layers of advanced malware detection technology are used to further protect against malware, including machine learning and AI to improve detection of increasingly complex malware, including zero days and evasive malware.
SMX helps customers make changes across people, process and technology that will improve their industrial cybersecurity maturity. It trains USB users to look for potential issues as they plug in, while reinforcing plant check-in and check-out processes for plant managers. As a technical control, SMX continuous threat protection and its latest enhancements ensure that customers can check USBs anywhere to scale industrial cybersecurity with ease.
The latest SMX technology release includes a host of additional features including:
- New Centralized Management: provides unmatched visibility of USB devices entering industrial control environments and centralized threat management across all SMX sites, for time-saving security management and simple-to-view insights unique to the customer’s environment.
- New ICS Shield Integration: provides additional visibility into USB activity on protected end nodes, closing the loop between centralized management services and distributed protections inside the ICS, without violating industry best practices of zone segmentation.
- Expanded SMX offering: provides multiple form factors to meet specific industrial needs, including portable SMX ST models for busy operational staff, and fully ruggedized models that meet industrial use cases including hazardous environments, military standard conditions and gloves-on worker situations.
Honeywell will demonstrate malicious USB device attacks at the upcoming RSA Conference in San Francisco on March 7, 2019.