Cybersecurity
"Increasing threat situation" due to cyber attacks
Cyber attacks on business, administration and the healthcare sector are on the rise again. Recently, online blackmailers have been putting pressure on trading companies and local authorities, for example. But what happens if they paralyze entire branches of industry? Protection is becoming increasingly important.
The criminals are sneaking in via the internet - and are not shying away from implementing their insidious plan even in the middle of the pandemic. "Production facilities had to be shut down temporarily because of the blackmail," says Steffen Zimmermann. It cannot be ruled out that the consequences of the attack may have "permeated into Covid-19 supply chains".
What happened at the French pharmaceutical company Pierre Fabre at the end of March is still on the mind of the head of the Competence Center for Industrial Security at the mechanical engineering association VDMA in Frankfurt. Following a hacker attack on the company's IT, there were delays in tightly scheduled processes and claims for damages were also made. And all of this in an industry that is currently operating at full capacity to further contain the coronavirus crisis.
Growing threat to mechanical engineering
Whether in medicine, at car manufacturers or in other industrial companies: Not only the office software on employees' computers, but also the complex control systems of entire machine parks are vulnerable to cyberattacks. Serious incidents in the increasingly networked Internet of Things with digitally communicating systems are still relatively rare, reports Zimmermann - apart from examples such as the multiple attacks on Thyssenkrupp. But the danger is increasing. Some companies still need to be made aware of the urgency.
"It's impossible to protect yourself 100%," admits the VDMA expert. "Anyone can be hit, just as any immune system can be hit by a virus. However, increased awareness must also lead to investments in more security." Companies often only react when hackers have already wreaked havoc and all they can do is react. "The number one issue for the mechanical engineering industry is now cyber security."
In the event of large-scale encryption of data by blackmail software (ransomware), large production plants could be completely shut down for four to six weeks. "With all the consequences, this can take up to nine months - in the end, the company will no longer look the same."
Mechanical engineering: Cybersecurity as a quality feature
If this happens in already tense times of crisis, the risks can escalate - especially in the healthcare sector. In winter, for example, there were reports that North Korean hackers had attempted to obtain information about the coronavirus vaccine from US company and Biontech partner Pfizer.
Hospitals are not immune to digital intruders either: the Göttingen public prosecutor's office is currently investigating an online extortion case at the hospital in Wolfenbüttel, Lower Saxony. In the district of Anhalt-Bitterfeld in Saxony-Anhalt, virtually nothing worked after a similar attack on the administration's IT system.
What can be done specifically to strengthen prevention and defense? Major insurers have long recognized the problem, but are now pointing to the intensified race between software providers and criminals to discover vulnerabilities and security gaps. The best-known case of a cyber attack on industrial infrastructure is probably still the Stuxnet virus discovered in 2010, which sabotaged uranium enrichment facilities in Iran.
Better protection for operational IT
The impacts are getting closer again. "We have been seeing a steadily increasing threat situation for a good year and a half, which has recently changed again very dynamically," says Johannes Steffl, who is responsible for analyzing cyber risks at industrial insurer HDI Global in Hanover. "This may be partly due to the coronavirus, because some IT processes are not as well protected when working from home." However, the topic is also becoming more important for 'operational IT' in production: "We're talking about IT that controls systems and machines around the clock. Some companies are still working with old systems."
In the era of Industry 4.0, machine builders need to consider cyber security right from the system design stage. "This will become a key quality feature," says Steffl. "Because if a cyberattack really does affect the production of an entire industry, the damage from a long interruption can be considerable. Or there may even be defects in the products that were still being manufactured after the attack." In industry circles, it is sometimes said that there is also a temptation to delay the shutdown a little - according to the motto: "Never change a running system."
The damaging scatter effect would also be great in the energy industry, with the risk of blackouts as a keyword. However, Steffl believes that the motives here are often different. "When it comes to attacks on the power grid and similar conceivable actions, you have to think more in terms of terrorist or political objectives." Traditional cyber criminals are more likely to have reservations about paralyzing an entire country. "They are mostly interested in disruption, not pure destruction."
Take care of sensitive matters offline
Either way, it seems clear that industry and administration need to take the problem more seriously - and perhaps deal with particularly sensitive matters offline outside of day-to-day operations. "We live in a world of deceptive security," says the Lower Saxony Association of Towns and Municipalities. "In the long term, it will only help us if we process important matters in isolated systems."
Zimmermann, in whose association companies have joined forces to form a working group against network blackmail, sees the core problem as follows: "Recklessness is still a difficult field."













