Cyberattacks Can Have Physical Consequences

Business owners primarily concentrate more on the digital effects of hacking rather than the physical side of it. After all, hacking some code through a network can’t harm you or anybody else in the real world, right? Wrong. As shown by a recent hack in Germany, ignoring network security can be a dangerous gambit.

According to WIRED magazine, just before Christmas this past year, a German steel company fell victim to a hacking attack. What did this company have that was so valuable to hackers? We don’t know; but we do know that the results of the hack led to a disruption in its blast furnace’s operations. This, in turn, led to the destruction of equipment involved, and was described in the original report as “massive” damage. Normally, hackers would make off with some kind of sensitive information which they could use to turn a profit, but other hackers just want to (quite literally) watch the world burn.

Believe it or not, this isn’t the first time that a digital attack led to the destruction of physical equipment in the workplace. In 2010, an attack upon Stuxnet was discovered:

The first case, of course, was Stuxnet, the sophisticated digital weapon the U.S. and Israel launched against control systems in Iran in late 2007 or early 2008 to sabotage centrifuges at a uranium enrichment plant. That attack was discovered in 2010, and since then experts have warned that it was only a matter of time before other destructive attacks would occur. Industrial control systems have been found to be rife with vulnerabilities, though they manage critical systems in the electric grid, in water treatment plants and chemical facilities and even in hospitals and financial networks. A destructive attack on systems like these could cause even more harm than at a steel plant.

According to the attack report, the attackers were able to infiltrate this steel mill’s business network and used this access point to jump to the system controlling the heavy machinery. They then worked their way into the corporate network using a spear phishing attack. This method is when a group sends targeted emails requesting credentials to upper-level executives, then uses them to log in to the system. This allowed the hackers to compromise several different systems. While it’s not obvious whether or not the hackers meant to cause the destruction, the fact remains that it happened, and that this company now must drop unexpected expenses on new machinery in order to continue functioning properly.

In this case, it’s clear that a digital attack which is utilized against a network can have catastrophic results. This obviously depends on what the target of the attack is, but the point stands that lackluster security standards can lead to data loss and the destruction of expensive technology, equipment, and possibly more. Its destruction can potentially lead a business down the road of failure. Therefore, maximum network security is always recommended for any business; not just those who deal with the production industry.

Directive offers small and medium-sized businesses our Unified Threat Management solution, which is designed to protect your business from a number of different threats. With a comprehensive security solution like this, you’ll be able to take a proactive approach to your business continuity. Included with the UTM is a firewall to keep the threats out of your system, an antivirus to exterminate current threats, web filtering, and spam blocking; all to increase the security of your network.

If a comprehensive solution like this sounds ideal, give Directive a call at 607.433.2200. We’ll make sure your network security doesn’t self-destruct your business.