545,562 active members*
7,325 visitors online*
Register for free
Login Register
WIBU-SYSTEMS Blog

Perfection in Protection, Licensing, and Security

Cyber-Threats in Industrial Network

May 2021
20
Author: Wibu-Systems
Company: WIBU-SYSTEMS AG
Cyber-Threats in Industrial Network

The recent cyber-attack on the Colonial pipeline in the U.S. is a stark reminder of the very real threats that exist to global infrastructure. The pipeline which carries 45% of the U.S. East Coast’s supply of diesel, petrol, and jet fuel per day, was hit with a ransomware cyber-attack, effectively disrupting the flow of fuel for several days as several pipelines were taken offline to contain the threat. As a result of the disruption in the supply chain, U.S. fuel prices rose six cents per gallon in a matter of days. Whether the purpose of this particular attack was political gain, societal disruption, or simple monetary greed as purported in this case, the incident highlights the omnipresent risks that cyber-criminals pose to not only industrial infrastructure like a fuel pipeline, but to businesses, military, and the general population as well in a highly digitalized age.

Just a few weeks prior to this event, Oliver Winzenried, CEO, and co-founder of Wibu-Systems, was interviewed by the Allianz Industrie 4.0 Baden-Wuerttemberg during the Hannover Messe, a premier global technology exhibition, presented virtually in 2021. Ironically, the topic of the discussion was Cyber Threats in Industrial Networks.

During the interview with the Allianz’ Lukas Schleicher, Oliver reflected on the dramatic changes he has seen in the security landscape over the past 30 years since founding Wibu-Systems as a company dedicated to software protection and secure licensing. In 1989, the company was simply focused on protecting PC software against one-to-one copying. Today, he noted, the landscape is much different and much more complicated as software is pervasive in virtually all products, not just standalone PCs. Now, software exists in embedded systems that can be operated by any number of different types of controllers, gathering process data from various sensors, running over different operating systems, and all created by diverse programming languages. Add to that scenario the digitalization of industry and the networking of the Internet of Things, and the opportunities for cyber-attacks increase exponentially.

“The automation advantages that one envisions for Industry 4.0, for example, can only be implemented when production facilities, machines, and tools are networked,” Oliver said. “Of course, this increases the opportunities for cyber-attacks. The protection against malicious manipulation of industrial systems is becoming more and more important and the levels of protection must be increased accordingly. Product manufacturers must make the investment in security technology, even if it doesn’t add functional value for the end user.”

Oliver further noted that no one company has a security solution that can protect every imaginable product and application. “What we can do,” he added, “is to provide the technology, software, and tools that can be integrated by the manufacturers, with our help, into the various products and applications. Each manufacturer needs to assess the threat landscape and integrate security accordingly, whether the products are used in the medical, industrial, or other sectors. Take, for example, the automotive industry. When you bring your car in for service, a technician connects a diagnostic device that identifies any issues in the engine. That tool is operated with software. When you withdraw money from an ATM, that kiosk is operated with software. When you go to the dentist and require a ceramic tooth replacement, the high-tech system used to design and produce the replacement tooth is guided by software. In each of these cases, components of our technology are integrated in the products to not only protect the devices from unauthorized access, reverse engineering, or manipulation, but also to license and monetize the various functions and features of the system, in a pay-per-use model for example.”

New threat vectors will emerge continuously, and Oliver emphasized that technology must evolve as well. Cryptography must be refined and enhanced to address new threats. To that end, Wibu-Systems works closely with research institutions like the Karlsruhe Institute of Technology, universities, and other technology companies. Cooperative efforts are vitally important to stay ahead of the malicious actors. The company also embarked upon an important new construction project.

“Three years ago,” Oliver said, “we decided to build modern and ecologically sustainable headquarters in Karlsruhe and expand our campus with the House of IT Security, a facility built alongside our new head offices. The idea for this effort was to create a collaborative community for start-ups, research organizations, and the security arms of established companies that would foster cooperative research efforts, networking, and innovation, all focused on addressing the security challenges of the present and the future.”

You can watch the complete interview (German language, English subtitles) here.

0 comments

Blog Archiv

July 2021
June 2021
May 2021
April 2021
March 2021
February 2021
January 2021
November 2020
October 2020
September 2020
August 2020
July 2020
June 2020
May 2020
April 2020
March 2020
February 2020
January 2020
November 2019
October 2019
September 2019
August 2019
July 2019
June 2019
May 2019
April 2019
March 2019
February 2019
January 2019
December 2018
November 2018
October 2018
September 2018
August 2018
July 2018
June 2018
May 2018
April 2018
March 2018
February 2018
January 2018
December 2017
November 2017
October 2017
September 2017
August 2017
July 2017
June 2017
May 2017
April 2017
March 2017
February 2017
January 2017
December 2016
October 2016
September 2016
July 2016
June 2016
May 2016
April 2016
March 2016
February 2016
January 2016