A newly released NIST guide (SP 1334) emphasizes the serious risk USB and removable media pose to industrial control systems, especially within operational technology (OT) environments. It underlines that although USB drives are often used for legitimate tasks like firmware updates or diagnostics, they remain a potent vector for malware. The guide concentrates on procedural, physical, and technical controls, plus sanitization and transport management, arguing that organizations must treat all external devices as untrusted by default.

Key measures include strict authorization policies, disabling unnecessary USB ports, enforcing malware scanning before and after use, and using write-protection and encryption. It also recommends securely labeling and storing devices and sanitizing them before disposal or transfer. By consolidating these best practices into a concise format, the guide aims to help ICS operators reduce the operational and safety impacts of USB-borne threats.

‍

Source: https://www.securityweek.com/nist-publishes-guide-for-protecting-ics-against-usb-borne-threats/