#

Back to blog

The risk of cyberattacks continues to grow – An opportunity for European suppliers?

Jun 8, 2021 | Blog

Cyberattacks and know-how theft in the industry continue to increase – successful attack on Colonial Pipeline only the tip of the iceberg. Security by design applications present an opportunity for European companies to establish a profile for themselves in these circumstances.

Attacks with ransomware are currently pushing classic industrial espionage out of the headlines. Cyberattacks on companies are usually simply about blackmail. Malicious code with an encryption function, so-called ransomware, hijacks control systems and sensitive data until a payoff is made, usually in the form of cryptocurrencies. Most recently, the blackmailing of the Colonial Pipeline in the USA made headlines. However, both threats must still be present in the minds of all those responsible. And both share the same business fundamentals.

What happened? On 7 May 2021, Colonial Pipeline, an American oil pipeline system that originates in Houston, Texas and transports gasoline and jet fuel primarily to the southeastern United States, became the victim of a ransomware cyberattack. In response, Colonial Pipeline Company halted all pipeline operations to contain the attack. Several US states then reported fuel shortages and panic buying. Average fuel prices rose to their highest level since 2014, reaching more than $3 per gallon. A group called Darkside, which specialises in offering extortion software as a service, is believed to be behind the previously successful attack on Colonial Pipeline in the US.

The victims are not always as well-known as Colonial Pipeline, nor are the extorted sums as high as in this case: Colonial Pipeline paid the demanded ransom (75 Bitcoin or almost 5 million US dollars) within a few hours of the attack. The amounts of ransom demanded by Darkside are usually said to be between $200,000 and two million dollars, reports SPIEGEL.

In Germany, two major German media houses, Funke Mediengruppe and Madsack, were attacked. In 2020, Technische Werke Ludwigshafen – a municipal utility that supplies around 100,000 households with energy and drinking water – was blackmailed by hackers. Also in 2020, a ransomware attack paralysed the University Hospital in Düsseldorf.

205 billion euros in total damage

Not an industry meeting is held nowadays at which insiders cannot report behind closed doors about ransomware attacks on critical infrastructures. In addition, experts are still concerned about the theft of know-how. Time and again, SMEs in particular have the painful experience of rediscovering their own product under a different name at an industry trade fair a few months after the start of cooperation with overseas partners. Such and similar experiences are open secrets among industry insiders. And even if improvement is in sight: European conditions are still a long way off.

A survey from 2019 on damage sums incurred due to data theft, industrial espionage or sabotage in German companies comes to over 205 billion euros in total damage. According to the self-assessment of the companies surveyed, 31.2 billion of this was due to legal disputes.

Criminal attacks by blackmailers and governmental/semi-governmental or commercial industrial espionage have the same business basis: ignorance, a lack of risk awareness and the resulting technical shortcomings.

Protecting intellectual property requires rigorous discipline – and the right protocol

Basically, there are two gateways for attackers: namely, people’s susceptibility to carelessness and convenience, and technical vulnerabilities in businesses. Encryption Trojans and other malicious code find easy access to critical infrastructure and sensitive data where people are careless and technology is vulnerable.

Because human vulnerability can always be relied upon, technical systems must be designed to compensate for these human weaknesses. But those who use such secure systems have the chance to distinguish themselves through the topic of security.

Security can only be successful in practice if it is economical and easy to use. The latter aspect is particularly relevant for small and medium-sized enterprises, as they usually do not have adequate expertise in this field. Security by Design applications compensate for these less favourable prerequisites.

In a list of common vulnerabilities, the knowledge platform sichere-industrie.de lists remote maintenance solutions as door openers in second place among technical vulnerabilities and directly below outdated operating systems. “The maintenance of plants and systems that can be reached by their manufacturers via the internet saves effort for on-site operations and prevents cost-intensive failures (predictive maintenance). The multitude of solutions used by individual manufacturers, which have an open door into a company with remote maintenance access (inbound connections, remote access, file sharing), only rarely meet the security needs of the company concerned and heavily depend on the correctness of security settings, prone to human error. Networked production systems in which components exchange data with each other and via the internet are very susceptible to the overarching spread of malware.” states Boris Krassi, Ph.D., Co-Founder & CEO Delta Cygni Labs Group.

A warning that applies to all systems based on the User Datagram Protocol (UDP), which was developed back in the eighties of the last century. In this case, malicious code that gets onto a component via remote maintenance access, for example, via the infected device of an external partner, can reach other systems via the production network and spread further to unsecured areas in the company. Providers of remote maintenance solutions or remote collaboration tools therefore have a special responsibility for user data security.

Systems such as POINTR, which were developed exclusively for industrial applications according to the Security by Design concept, exclude this danger and fulfil the responsibility for the users’ data security.

POINTR is a “field ready” solution developed by Delta Cygni Labs, which is currently the only remote collaboration solution in the world based on the absolutely secure XRTC protocol. XRTC was originally developed to ensure communication between European Space Agency sites in different European countries. From the very beginning, the solution had to meet data security requirements on the level of government and military projects. The development therefore followed the Security by Design (SBD) approach. This means that the software was designed from the scratch to offer no potential points of attack. Here you can delve deeper into the history of transmission protocols and learn how XRTC thinks along with and eliminates human negligence.

European solutions as a competitive advantage

The German Engineering Federation (Verband Deutscher Maschinen- und Anlagenbau e.V. (VDMA) therefore logically demands that industrial security be recognised as an essential product feature

“Last but not least, a competitive advantage can be achieved through strengthened security ‘Made in Europe’, which will be all the more pronounced the more the requirements for industrial cyber security grow. This is especially true if industrial security is recognized as an essential product feature alongside classic, function-oriented security and established as part of the product life cycle of networked plants during product design, cyber-secure commissioning and over the period of use.”

From this perspective, the use of Security by Design applications becomes a real selling point, as they mean one less concern for business owners looking to protect their data and intellectual property – regardless of subject matter expertise and human resources.

For more insights into POINTR’s security architecture, please contact us. Customer stories can be found here.

 

Share This