Three walls are better than one 

During the Middle Ages, princes who were hard up for money applied the following strategy: They erected their fiefdom on a hill and surrounded it with a wall. They built a gateway in the front that allowed goods to be transported in and out – and, on occasion, the soldiers of enemy armies or bands of robbers. As an added layer of defense against such attacks, princes with especially deep pockets built two or, even better, three walls. They also surrounded the outer wall with a moat, an obstacle that could only be crossed with a drawbridge. Even when attackers had cleared the first hurdle, they were still a long way reaching from the heart of the fortress. Having been weakened by the initial assault, they had to withdraw in certain cases.

Franz Köbinger likes to use the image of castle walls to explain concepts used to effectively protect factories from hacker attacks. The Marketing Manager for Industrial Security at Siemens says one wall will not get the job done. He adds that companies need to apply a combination of multi-layered and graduated measures that can prevent cyber-gangsters from penetrating a company’s defenses and shutting down operations, stealing sensitive information and encrypting data for the purpose of extorting a ransom. Siemens is already applying these principles in its own factories and is using the knowledge that it has gained there to help its customers create extra layers of cybersecurity by applying this experience in products and services.

Production facilities and critical infrastructures have become interesting and lucrative targets for hackers. Franz Köbinger, who has been working in the area of industrial cybersecurity for years, knows this fact of life better than just about anyone. The response focusing on all aspects of factory automation that he and his colleagues in the Digital Industries business segment have developed is based on an idea called Defense-in-Depth. This strategy protects key levels while erecting additional virtual walls around the factory:

• System integrity: The objective is to protect automation components in such a way that keeps hackers’ greedy hands from sensitive data and thus prevents them from causing damage. This includes such measures as authentication that allows access to only authorized individuals. Another key aspect of this strategy is a sophisticated system of patch management that facilitates security updates once vulnerabilities are found. After all, the aim of the strategy is not only to be secure, but also remain secure. The production operation may not be interrupted or made more elaborate when the security concepts are applied. Siemens’ expertise comes into play here. Unlike many service providers who obsess over IT issues and know very little about OT, the specialists around Franz Köbinger have a high level of expertise about factory processes and know exactly where the sensitive areas in procedures are.
• Network security: Today’s machines are connected in many ways, including via the Internet. They are vulnerable from outside attack as a result. Siemens’ experts protect the network in a factory by erecting firewalls and using encrypted networks like VPN. They also recommend network segmentation. In this process, particularly sensitive facilities, places where a successful attack could cause very costly damage, are segregated from the rest of the communications network. Network segmentation also helps prevent an attack on one part of the network from spreading like wild fire to other areas of a factory. 

• Facility security with Industrial Security Services: Many factories are decades old and are being digitalized bit by bit. Siemens works with its customers to develop concepts that can place these operations on the highest cybersecurity level and help them avoid becoming easy prey for hungry hackers. This process includes continuous security monitoring that sounds an alarm when an attack is attempted. In spite of all of the digitalization: The be-all and end-all of any factory’s lines of defense is integrated organizational and technical measures that are backed up by well-trained personnel.