Top Three Cyberattacks Threatening Industrial Plants in 2018

Industrial companies feel safe: In Germany, 62 percent believe that they are very well-protected, or at least well-protected, against internet threats. But the risk posed by cybercriminals is rising. Plant operators should brace themselves for these three types of attack.

Cyberattackers are becoming increasingly sophisticated, are striking more frequently, and are doing more and more damage. Every year, there are new dangers lurking for industrial companies. Cybercriminals not only hack computers, but can also manipulate valves, causing pumps to explode. They even use the Internet of Things for illegal purposes. For example, hackers can use “swarmbots” to launch lightning-fast attacks on companies via multiple attack vectors at the same time. And exploit kits, which are a kind of collection of malware tools, enable even lesser experienced hackers to cause chaos. Apps and social media are used to spread malicious software, and hacker groups buy and sell illegally obtained business information on the internet for large sums of money. It’s cybercrime as a service.

How do cyberattackers gain access to systems? Here are the biggest dangers that industrial companies should look out for in 2018:

1. People are a risk factor

Trust, respect for an authority figure, and a willingness to help are all qualities of an employee that attackers exploit in social engineering. The target of such attacks is manipulated. In this way, attackers can infiltrate businesses undetected and work toward their actual goal: industrial espionage or equipment manipulation. How do hackers go about this? Most commonly, they use traditional modes of communication, such as telephone or email, but social networks also serve their purposes. Before the attacker contacts their target, they collect any readily available information about them. And in the era of big data, that can amount to a great wealth. As soon as an attacker knows enough about the targeted employee, they make contact – either as a fake applicant, an HR employee, a coworker, or even as a manager. They can then infect the target’s computer with malware or manipulate them into sharing passwords and login data.

IT security software is now taking on greater significance at almost every company – yet the risk posed by people is underestimated. This leads to a false sense of security. Social engineering will not be reinvented in 2018, but it will remain a real threat until awareness about IT security becomes firmly established in the minds of employees. There is even a risk that the danger will grow, as the methods involved are relatively easy to perform and do not require any specialist skills in hacking. All that is needed is in-depth research and a little knowledge about psychology.

“In Industry 4.0, we cannot afford the current deficit. We need to think about the security of interconnection from the very beginning ¬– security by design is key.”
Cornelius Kopke,
Head of Public Security and Economic Protection, Bitkom e.V.

2. Backdoor attacks

In today’s world, devices, systems, and entire production processes are connected to the internet within the Internet of Things. There is a growing attack surface for hackers. DDoS (distributed denial of service) attacks are a popular method. The targeted system is flooded with simultaneous requests from a large number of external computers until the load causes it to crash. This incapacitates all devices connected to the system. Experts believe that the number of DDoS attacks is rising, because they become more effective as more devices are connected to the internet. Moreover, it is almost impossible to determine the source and the perpetrator of the attack.

This kind of attack is often targeted at the manufacturing industry as a means of blackmail, spying, or harming competitors. But a DDoS attack can sometimes serve as a distraction tactic for other attacks. They do not even require deep programming knowledge, as “DDoS-for-hire” services enable lesser experienced people to launch an attack. The most popular weapon in attacks on networked systems are “thingbots”: IoT devices that have been infected with malware.

3. Vulnerabilities in security software

Thinking of taking the fight to cybercriminals by simply installing an antivirus program? Even software that was safe yesterday can very quickly become a security vulnerability. To counteract threats, antivirus programs have extensive privileges and deep access to systems. They are designed to search through files on computers: a dream come true for hackers. In 2017, rumors were circulating that Russian hackers used Kaspersky security software to spy on an NSA employee. It is therefore important to be on guard. In 2018, the number of cyberattackers targeting IT security software could increase as they attempt to illegally control devices and manipulate users.

Once inside a system, cyberattackers can cause enormous damage. Cybersecurity researcher Marina Krotofil illustrated a worrying scenario at the Black Hat hacker conference in Las Vegas. If someone successfully manipulates valves, they can cause bubbles to appear in liquids. When these implode, they cause pitting on impellers, gaskets, and bearings. In the worst case, the pump will explode. In chemical plants and oil and gas facilities, this would cause severe harm to people and the environment. On the bright side, such an attack requires a huge amount of expertise and considerable knowledge of the target’s internal processes. But cyberattackers will not stop there. Just like the rest of the world, they continue to develop and hone their skills. The manufacturing industry needs to prepare itself for the next generation of cyberattacks.