TÜV Rheinland: Operational Technology offers greater control and efficiencies – but what about the cybersecurity risk?

Computer controlled machinery enables companies to control and monitor their production systems saving time, improving efficiency and reducing costs. However, these Operational Technology (OT) systems can also be the target of hacker attacks, as incidents at car manufacturers, railway stations and maritime ports in the past few years have demonstrated. “Attackers have the ability to use malware to cause considerable damage to industrial facilities,” explains Nigel Stanley, expert for industrial and OT cybersecurity at TÜV Rheinland. The problem is that many machines are connected to the internet without adequate protection and thus offer an unnecessarily large attack surface area for hackers. TÜV Rheinland offers detailed information on this subject in the "Cybersecurity Trends 2019" study available for download.

Old machines, insecure internet connections

“Security gaps can arise when machines are connected to the internet. Modern production equipment will be computer controlled, often requiring a connection to the internet for maintenance and quality control purposes. The security of this connection can be crucial to the security of the whole facility,” says Stanley. However, many companies continue to rely on older equipment that cannot be easily replaced due to high costs. Such machines can be particularly vulnerable when upgraded to a digital control system as security compromises may need to be made. The long life span of these machines in contrast to rapidly changing IT operating systems makes it difficult to maintain security of these OT systems. A sound OT cyber risk analysis is the best way to start the process of increasing the cybersecurity maturity in these automated and networked systems.

Offline systems can also be attacked

Even non-networked industrial operations can become victims of malware or data theft. “A USB interface is sufficient to allow a non-internet connected system to be infected with destructive malware,” explains Stanley. Modern OT equipment provides more control and efficiency in many businesses but there are still far too many companies that don’t address these specific cyber risks.

"Cybersecurity Trends 2019" study for download

Über TÜV Rheinland

TÜV Rheinland is a global leader in independent inspection services, founded nearly 150 years ago. The group maintains a worldwide presence of more than 20,000 people; annual turnover is EUR 2 billion. The independent experts stand for quality and safety for people, technology and the environment in nearly all aspects of life. TÜV Rheinland inspects technical equipment, products and services, oversees projects, and helps to shape processes and information security for companies. Its experts train people in a wide range of careers and industries. To this end, TÜV Rheinland employs a global network of approved labs, testing and education centers. Since 2006, TÜV Rheinland has been a member of the United Nations Global Compact to promote sustainability and combat corruption. Website: www.tuv.com

Firmenkontakt und Herausgeber der Meldung:

TÜV Rheinland
Am Grauen Stein
51105 Köln
Telefon: +49 (221) 806-2148
Telefax: +49 (221) 806-1567

Norman Hübner
Pressesprecher Informationssicherheit
Telefon: +49 (221) 806-3060
Fax: +49 (221) 806-3093
E-Mail: Norman.Huebner@de.tuv.com
Für die oben stehende Pressemitteilung ist allein der jeweils angegebene Herausgeber (siehe Firmenkontakt oben) verantwortlich. Dieser ist in der Regel auch Urheber des Pressetextes, sowie der angehängten Bild-, Ton-, Video-, Medien- und Informationsmaterialien. Die United News Network GmbH übernimmt keine Haftung für die Korrektheit oder Vollständigkeit der dargestellten Meldung. Auch bei Übertragungsfehlern oder anderen Störungen haftet sie nur im Fall von Vorsatz oder grober Fahrlässigkeit. Die Nutzung von hier archivierten Informationen zur Eigeninformation und redaktionellen Weiterverarbeitung ist in der Regel kostenfrei. Bitte klären Sie vor einer Weiterverwendung urheberrechtliche Fragen mit dem angegebenen Herausgeber. Eine systematische Speicherung dieser Daten sowie die Verwendung auch von Teilen dieses Datenbankwerks sind nur mit schriftlicher Genehmigung durch die United News Network GmbH gestattet.