Could you imagine what would happen to your manufacturing company if a hacker took over your control systems? It happened to a German manufacturer. The company could not shut down their blast furnace. The damage, according to a report by Wired, was massive. The hackers accomplished the feat by accessing the steel mill through its business network. Then they progressed their way through production networks and into control systems. They used targeted e-mails that appear to come from a trusted source (called “spear-phishing”). The report also notes the hackers appeared to have sophisticated knowledge of industrial control systems.
What Else Can Hackers Control?
The above incident, which involved physical damage from an entirely digital attack, was just the second confirmed of its kind. Regardless of what you manufacture, or where you make it, hackers can damage it if it connects to the web.
Take a look at how this might play out with other manufacturers and certain types of products:
1. Medical Equipment:
This article shows that robots that perform surgery are vulnerable to hacking. At least it wasn’t real hackers breaking in. Instead, it was a team of professionals doing a test. They were able to control a telerobot with a simple programming trick. The test only applied to this robot specifically, but professionals concluded it’s likely other similar robots are just as vulnerable.
Do you manufacture vehicles? Researchers, in one case, used a CD with a Trojan virus on it. The CD would then alter the computer system’s firmware, allowing access to the attacking party. GM’s Onstar could be another potential entry point.
Hacking vehicles, as of now, is harder. It took researchers two years to develop the Trojan virus exploit.
But with computers and the web becoming increasingly integrated with vehicles, it could be a huge security threat in the future. You need tight, actively monitored, anti-virus and anti-malware in place.
3. No Manufacturer is Safe!
According to Industry Week, in 2012, an anonymous researcher (fortunately not a hacker), pinged all 460 million IP addresses and 3.7 billion devices connected to the web. The researcher found 310 million IP addresses open and ready for attack. The person also found 114,000 vulnerable manufacturing control systems. And 13,000 could be accessed without even entering a password! “If a threat actor decides to focus on your environment, you will be penetrated. It’s simply a fact,” said Doug Wylie, Rockwell Automation’s director of product security risk management.
You Must Proactively Manage Your Security.
The web isn’t safe and secure…especially for manufacturers and installing antimalware and antivirus software is not enough data protection. You must have an in-house or outsourced IT support team in place to monitor your data security. Hackers know who the easiest target is. And many times, they gain access to companies who don’t know about it until years later.