The reasons for this are complex. On the one hand IT is usually organized separately for office and production, although both are increasingly connected by software. On the other hand, although security solutions are used, in some cases important production processes are still operated using obsolete systems, for which no necessary safety updates are available. This often happens because a production process has to be completely rebuilt or temporarily shut down for an update – but there is a lack of money or time. So, Trojans cheerfully gallop through the corporate network until their day has come and they hit on it. Then it will be too late. The conveyor belt stands still. A production loss of millions per day are no scarcity.
Cybercrime is an Attractive Business: Ransomware and Wiper Attacks, Industrial espionage
The fact that cyber attacks are rather the normal condition than the exception, is undisputed. Especially highly industrialized countries with their specialized know-how are popular targets of attackers. "Cybercrime is lucrative. According to a study by Intel Security McAfee, the loss by cybercrime in terms of GDP adds up to 1.6 percent in Germany. In the US, it is 0.64 percent, in China 0.63 percent." Mechanical engineering companies in particular have to be aware of Ransomware and Wiper attacks, such as those in May and June 2017 by WannaCry and NotPetya.
While Ransomware encrypts data on the attacked computer and "hands over" the decryption key after payment of a ransom, Wipers seek destruction: the hard disk is simply formatted or "wiped". The data are therefore lost irretrievably. In recent years, a market for Ransomware & Co has developed. The business model Cybercrime as a Service CaaS thrives and focuses on technically non-savvy users to drive attacks on targets for small money in each event – targets including support (e.g. malware updates or technical support etc.).
Every year billions of dollars are lost due to industrial espionage. In Germany alone, the damage caused by data theft, economic espionage and sabotage in 2016 amounted to € 22.4 bn. The mechanical engineering and automobile industries were particularly affected. Only 11% of German industrial companies were NOT affected. In addition to material damage caused by a failure or damage to the IT and telecommunication infrastructure, companies are losing out on revenues because they lose their competitive advantage, and they also report non-pecuniary damage due to patent infringement and imagery damage.
In the event of an attack, companies will have to pay for:
- Additional salaries for internal staff
- Salaries for external staff
- Additional PR campaigns for damage limitation
- Compensation payments
- Improve the software and infrastructure
- Training staff
- New staff
And they lose money due to transactions they could not settle. Companies from the automotive sector and mechanical engineering in industrialized countries and newly industrialized countries are most likely to be attacked. Their knowledge and know-how is their greatest competitive advantage. It is important to protect this knowledge in order to ensure production security, especially for SMEs.