Introducing, “industrial cybersecurity” – the next crime wave. Yet another multi-syllable geek term? Not so fast. Remember when you first heard the word “Covid-19” about a year ago? Did you think you would be “living the Covid experience” a year later?
The same goes for industrial cybersecurity.
Until recently, cyberattacks focused on the world of IT – information technology – data, or bits and bytes. Cyber attacks knocked down law office servers, penetrated movie studios and stole pre-release movies, or even broke into corporations demanding extortion payouts (ransomware) in return for not releasing stolen data.
Industrial Cybersecurity – The New Frontier
Those were the good old days. Today, hackers have found a much better target in the manufacturing sector – “industry”.
Why is the industrial sector such a hot target for cyber criminals? In industry, computers control PHYSICAL ASSETS and not just data. Think of a car factory, a pharmaceutical plant or even a cruise ship. Hackers can turn on and off moving parts. They can change the temperature in a boiler – potentially destroying it and harming people. When it comes to a cruise ship, hackers can gain control of a ship’s balance control system.
What used to be in the realm of sci-fi is today’s reality.
Shutting down a series of computer servers can be damaging; making changes to physical assets in a factory can shut down revenue generating activities for weeks.
Industrial Cybersecurity Attacks Can Be Used for Homicide
Imagine a scenario whereby hackers attack a hospital, and shut down an intensive care unit. Patients can die. Sounds crazy? A similar scenario occurred in Germany this past September. A ransomware attack disrupted emergency care at Dusseldorf University Hospital in Germany and a female patient, who was scheduled to undergo critical care, was transferred to another hospital. She died.
Scenarios like the above are fodder for sci-fi writers, but also for journalists. What used to be limited to the realm of nation state actors is now in the hands of hacker groups. The pandora’s box is open and won’t be closed.
The Victim’s Perspective of Industrial Ransomware
Let’s take a look at industrial cybersecurity from the vantage point of the hospital or factory. When they consider the lives and revenues at stake, you can understand why they are so willing to “do anything” to resolve the attack. A company not holding physical or critical assets has the luxury of saying, “Ok, so we will lose a few servers. We have backups and the IT guys will rebuild everything in a day’s work. No one will die, and I’ll go home tonight and forget about it.”
We Will Defeat Industrial Cyber Attacks
I’m an optimist. I live in Israel for over 30 years and have seen this wonderful nation grow and beat most of its challenges. I am a strong fan of Israel’s startup nation and technology community, of which I am proud to be a part of.
I’m not a fan of “apocalypse now” philosophies. The world is much better now than it was 100 years ago and will continue to improve, with occasional setbacks. Don’t bet against Israel, the USA or the West.
Having said that, I do believe that industrial cybersecurity will be a major menace to the world in the coming years. Yes, the good guys will eventually win. Previous generations have defeated much bigger threats than physical asset attacking hackers. We’re in for a rough ride until the battle for industrial security is won.