A single mail can be enough to infect the entire corporate network. This is how you protect yourself from the danger.
Malicious programs do not shy away from the industry and can cause devastating damage. Symbolic photo: Chris Reid, Unsplash
At the beginning of December, machine manufacturer KraussMaffei announced an attack on the Munich-based company's IT system. A Trojan had attacked computers and encrypted stored documents, resulting in reduced production. This shows that not only IT companies are the target of hackers. Rather, all industries are in danger of such attacks.
Malware is quickly installed
Already a single malicious mail, a mistakenly accessed website or the installation of an unknown programme can completely compromise a company's infrastructure. Viruses often replicate to other computers connected to the network within a few moments. A chain reaction then develops. More and more devices will get the code of the malware installed on them, which can then cause trouble.
These programmes operate in a variety of ways. At the latest in 2017, blackmail Trojans, also known as ransomware, achieved sad fame. The "WannaCry" programme installed itself on hundreds of thousands of computers - regardless of whether they were private machines or company computers. This cyber-attack was aimed at encrypting files on the hard drive. Users could no longer work with their computers. In order to gain access again, several hundred Euros should be transferred to the attacker by means of the crypto currency Bitcoin. KraussMaffei was probably hit by a similar malicious programme.
Especially in the corporate environment, malicious programmes, which act in the background all the time, are more frequently used. Such software is generally referred to as spyware. Main field of application: Industrial or competitive espionage. The user does not even notice that another programme is running in the background. Keyloggers that send keyboard entries to third parties - including user names, passwords and possibly confidential texts - were popular not too long ago. Today, programmes are used that specifically upload files or transmit screen content. Internal information such as customer data, account details and project plans are quickly lost.
Train your employees regularly
To ensure that malicious software does not end up on the company's infrastructure, employees should be trained regularly. Because: In most cases, a human error is the first step. For example, the accounting department can erroneously open a PDF file that at first glance appears to be an official invoice, but then turns out to be a virus at second glance. Now the malware is already in the system. The staff can be brought up to date by internal IT or external service providers and learn simple rules of conduct. These include, amongst other things:
Trust only known email senders
Do not click on links that do not have a known source
Be suspicious of websites that offer downloads
Never give out your own password
Do not plug foreign USB sticks into the company network
Cyber-attacks: Current infrastructure of great interest
A security infrastructure that is always kept up to date is particularly important. Old operating systems such as Windows XP have not been supported by Microsoft for years. This means that there are no longer any updates for current threats in the form of viruses, and all doors are open to attackers. Antivirus programmes should also always have up-to-date virus definitions installed in order to be able to detect new malware reliably. Only in this way can the security software intervene before damage occurs.
The technical infrastructure should always be maintained by professionals. Many security settings are not trivial for the normal user; a central administration can set the right standards and prevent problems. This keeps malware on a single computer and prevents it from spreading uncontrollably. Through targeted monitoring of the network, problems are detected in real time and are solved just as quickly.
Regular backups of critical systems should also be standard. This is the only way to avoid or at least minimise production losses. Reinstalling the backup is often faster and less expensive than restoring a hacked system.
"Smart" devices are a gateway to cyber-attacks.
Hackers target every little piece of information they can get. Symbol photo: Samuel Zeller, Unsplash
Not only normal computers are affected by malware. Due to the increasingly far-reaching networking of production lines, these systems are often also connected to the Internet or at least the Intranet. If these access points are not adequately protected, manipulation from outside is a real danger. This is shown, for example, by the "Stuxnet" programme, which sought its way to programmable logic controllers through an unsecured infrastructure and paralysed them.
Also systems that are connected to the Internet for easier operation can in principle be attacked from the outside. Some security cameras are not sufficiently protected against attacks. They transmit the live image unencrypted through the Internet. With a little criminal energy, masses of unprotected cameras can be found. Some very normal printers have an interface that supports the printing of files via the Internet. There are similar safety risks for CNC milling machines or machines in additive manufacturing.
In principle, it is advisable to use only smart systems certified for industrial use or to subject the desired system to an extensive safety test. This is the only way to ensure that a surveillance camera does not at some point transmit confidential information to the outside world or install malicious codes. In the industrial world, foresight is always better than hindsight.