USB-borne malware continues to pose a major threat to public critical infrastructures. Nearly a decade after the Stuxnet worm became one of the most powerful USB-based malware strains to attack Iranian nuclear plants, the use of removable devices has drastically dropped. However, USB devices continue to be used by sectors responsible for handling some of the most important public infrastructures.
To combat the threat posed by advanced USB malware, a new USB scanning tool was launched by Symantec. The Industrial Control System Protection (ICSP) Neural device has been designed to help industries protect public infrastructure from blackouts caused by cyberattacks that make use of USB malware.
The ICSP Neural device scans USB devices for the presence of malware to prevent known and unknown attacks on IoT and operational technology environments. The company said that the neural device uses Artificial Intelligence (AI) to scan, detect, and sanitize USB-borne malware. Existing ICSP deployments have detected that up to 50 percent scanned USB devices are infected with malware, Symantec reported.
The ICSP Neural scanning process is simple and does not require any specific security skills or training. When the device is connected to a computer it emits visualizations through a LED light ring, signaling that it has detected and destroyed a malware.
“Recent studies have shown that more than half [of industrial control systems] run on outdated Windows systems, leaving them highly-susceptible to risks,” Symantec said in a statement. “For example, the infamous Stuxnet worm used USB-based malware to manipulate centrifuges in Iranian nuclear plants -- ultimately sabotaging a key part of the country's nuclear program.”
“USB devices are given away at events, shared between co-workers, and reused again and again for business and personal use, introducing the risk of accidental or malicious infection. The impact of connecting an infected device to a critical system can be devastating,” Symantec senior VP, Patrick Gardner, said.