
Great opportunities, great dangers. Data protection as a priority.


Security and protection against cyber attacks are today among the most important issues when planning activities in any industry where computers, robots or intelligent machines play a significant role. As there are more of these every year and they affect more and more global processes, it is no wonder that they are also becoming a tasty morsel for criminals.

A very loud topic that spread across the country like wildfire was the latest attack by hackers on the e-mail accounts of Polish politicians. Taking them over was child's play, because the people responsible for the fate of a country of almost 40 million decided to use e-mail services that are available to everyone and that do not guarantee the security which a dedicated government service should, at least in theory, provide. The data obtained by the criminals could, and still can, be used to destabilize the country. The scale of the danger in such a case is therefore enormous, and it should make you realize that connecting to the network brings great opportunities and equally great threats.

However, while in the world of "big politics" it is difficult to expect an admission of error or any firm reaction, in the automation industry action is taken immediately.

SIMPLE PASSWORD > NO PASSWORD

The latest such high-profile case involved Siemens and its operator panels, known as SIMATIC HMI Comfort Panels. Their task in the era of the industrial revolution 4.0 is to quickly process huge amounts of data and present it to the operator in a form that allows the right decision to be made. This is crucial because nowadays one operator can control many machines simultaneously, which in turn means that the operator's responsibility is much greater. So it's no surprise that the operator should be able to rely on top-quality devices and the best security protocols.

However, as industrial security specialists recently discovered, something unprecedented in today's world happened with these panels. How many times have you been told to set difficult passwords on devices and accounts connected to the network? Dozens? Hundreds of times? Exactly. It would seem, then, that nothing is worse than a password consisting of a simple sequence of numbers or the name and surname of the person concerned. Well, it turns out that something is: the complete absence of a password.

This is exactly what happened with the aforementioned operator panels, which are used to visualize data received from industrial devices and which exposed the Telnet service (a standard communication protocol used in computer networks - ed.) without any (!) form of authentication. This is not merely opening the door to hackers and cybercriminals of all sorts, but opening it wide and inviting undesirable guests straight in.

The error affected all SIMATIC HMI panels with the exception of the medium-voltage models, SINAMICS (SL 150, SM 150 and SM 150i), in which the Telnet service was disabled by default. But what exactly is the bug CVE-2021-31337 about? It is worth recalling that these panels pull data directly from industrial equipment. The data is then displayed on a suitable tablet, in an easy and accessible way. The panel interacts with a number of devices, and although, according to the specification, they cannot be connected online, devices located in the local network can become an easy target for cybercriminals thanks to this vulnerability. It is enough for them to find a suitable foothold in the internal network to gain almost unlimited access to important, often confidential and key company data.
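One way to watch for the exposure described above, as an added example that is not from the original article or from Siemens: a Python check that scans flow records for Telnet (TCP 23) connections to panel addresses and grades them by source. The record format, the addresses and the engineering-host allowlist are constructed assumptions.

```python
import ipaddress

# Assumptions (hypothetical, not from the article): the HMI panels live in
# PANEL_NET and only ENGINEERING hosts have any reason to talk to them.
PANEL_NET = ipaddress.ip_network("10.20.30.0/24")
ENGINEERING = {ipaddress.ip_address("10.20.1.15")}
TELNET_PORT = 23

# Constructed flow records: "timestamp src dst proto dport action"
SAMPLE_FLOWS = """\
2021-05-12T08:01:10Z 10.20.1.15 10.20.30.11 tcp 102 allow
2021-05-12T08:03:44Z 10.20.1.15 10.20.30.11 tcp 23 allow
2021-05-12T08:07:02Z 10.20.7.88 10.20.30.12 tcp 23 allow
2021-05-12T08:07:05Z 10.20.7.88 10.20.30.13 tcp 23 deny
2021-05-12T08:09:30Z 10.20.7.88 10.20.40.5 tcp 23 allow
malformed line
"""

def telnet_findings(log_text):
    """Return one finding per Telnet flow directed at a panel address."""
    findings = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 6:
            continue  # skip records that do not match the assumed format
        ts, src, dst, proto, dport, action = parts
        try:
            src_ip = ipaddress.ip_address(src)
            dst_ip = ipaddress.ip_address(dst)
            port = int(dport)
        except ValueError:
            continue  # unparsable address or port
        if proto != "tcp" or port != TELNET_PORT or dst_ip not in PANEL_NET:
            continue
        if action != "allow":
            severity = "info"    # blocked: filtering works, source still worth a look
        elif src_ip in ENGINEERING:
            severity = "medium"  # known host, but Telnet on the panel should be off
        else:
            severity = "high"    # unexpected internal host reached the Telnet service
        findings.append({"time": ts, "src": src, "dst": dst, "severity": severity})
    return findings

if __name__ == "__main__":
    for finding in telnet_findings(SAMPLE_FLOWS):
        print(finding)
```
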


WHEN FEAR LOOKS IN THE EYES

In the context of the aforementioned industrial revolution 4.0, counteracting and preventing such events is of colossal importance. This is best illustrated by the data in the "Computerworld" report commissioned by Intel and Polcom, the operator of the Polish cloud for business. It shows that the priority for entrepreneurs is safety and ensuring continuity of production. This was the opinion of as many as 86 percent of respondents. In this particular segment, most concerns related to surveillance and theft (72 percent of all indications), as well as adequate protection of data against leakage or damage (66 percent of indications).

As was to be expected, Siemens security specialists took the matter very seriously, and by updating their software they closed the door that had been left wide open for cybercriminals. This does not mean, however, that they can sleep well. In this area, hackers are always one step ahead of the rest, just waiting for the right opportunity to arise. So, to quote the classic: constant vigilance!
