Siemens: Need to Protect IP

Wednesday, September 7, 2016 @ 05:09 PM gHale


By Gregory Hale
Intellectual property, the engine that drives any company, is so valuable, but so vulnerable that companies need to ensure it remains secure, safe and sound.

Not so easy.

“It is not about protecting the hardware and software, but also the algorithms,” said Rolf Reinema, head of technology field for Siemens Corporate Technologies. “Attackers can get access to intellectual property.”

RELATED STORIES
Siemens: Advancing a Security Business
Black Hat: IT-OT Learning Curve
Network Monitoring: Keeping an Eye on IIoT
Ransomware Masked as Rockwell Update

That was one of the key points during the Internal Security (Building the Foundation) discussion at Siemens Cybersecurity Growth Series Town Hall meeting at its Cyber Defense Center just outside of Cincinnati, OH, last week.

“The threat landscape is like a dark cave,” said Udo Wirtz, head of technology field for Siemens Corporate Technologies. “With our (cyber defense) centers we have put the light on. We may have had attacks five years ago, but we didn’t see them, now we can see more. In the future we had to deal with millions of IP addresses.”

Joanna Burkey, CISO for Siemens U.S., moderated the discussion and she talked about looking for the “Golden Nuggets,” or the areas that need the most protection. One perfect case in point is source code. That is the vital information that controls things like robots on the plant floor.

“OT attacks are complex,” Reinema said. “Having so much legacy equipment creates vulnerabilities.”

That led Reinema to talk about some of the popular attacks hitting the industry today – and they used to have a more IT approach. Ransomware is one growth area.

“If a hacker shows they can attack, they’ll ask for substantial bitcoins so that they won’t carry out the attack,” Reinema said.

In general, OT attacks are hitting the industry, Reinema said. He talked about the Ukrainian blackout from the past December. There was an attack on the Ukrainian power grid this past December. On December 23, 2015 power went out for a high number of customers (reports range from 80,000 customers to 700,000 homes) in the Western region of the Ukraine served by regional power distribution companies. A picture has become clear that a coordinated attack involving multiple components took place.

“There are large events like Ukraine, but there are other areas that are testing here and there,” Reinema said. “There are some attacks that are testing and then going onto the OT side and holding facilities for ransom.

One of the other types of assaults showing growth on the OT side are phishing attacks. Just think, if an attacker can generate enough user information, either through phishing attacks or good, solid social engineering, then he or she will not have to spend time learning code to crack into a system. By pilfering the data from a user, they have free and easy access to any system.

“One of the attack scenarios is getting user accounts and user rights,” Wirtz said. “Phishing emails are a big attack. It used to be malware was stupid and those who clicked on it were stupid, but today the user is not stupid. The malware is highly sophisticated and good.”
Reinema mentioned other attacks that are making headway.

“Social engineering attacks are very good and targeted,” he said, adding USB drives and the growth of the Cloud is showing more attack potential.