September 26, 2017

How do you prevent a coffee machine from hacking your factory?

Timo Ahomäki

Head of Portfolio Development, Tieto Security Services

You have taken all possible measures to shield your factory against intruders, fires, and power breaks. But had you thought that you should also guard the factory floor against rogue coffee machines?

It matters because of the Internet of Things. Even with all the published shortcomings, IoT is definitely a good thing, bringing excellent possibilities for doing things more effectively. Especially in manufacturing, IoT has made great advances.

However, security is as strong as its weakest link. An extremely striking example of the risks inherent in smart machines comes from a chemical engineer’s anonymous post in Reddit.

The post is worth a read in totality, but here’s a short recap for the impatient: The factory monitoring system, running on a legacy operating system, went down showing a ransomware message. When investigating the event, the personnel noticed that the “smart” coffee machine in the office was showing the same message as the monitoring PCs.

How did this happen? The monitoring system was, after all, running in an internal network with no connection whatsoever to the outside world.

It really was very simple: the person installing the Internet-connected coffee machine had connected it first to the internal network. When he noticed that there was no Internet connection (d’oh!), he connected the machine also to a Wifi network, hence opening an Internet connection to an environment that was supposed to be totally isolated from the outside.

Often, these kinds of attacks don’t become public (there was another recent story where a smart fish tank was used to hack the network of a casino). But don’t be fooled by this. As the number of internet connected devices keeps growing, the attack surface keeps growing, too. And like in these two examples, the path of the attacker does not need to be a direct one.

One of the main problems is that IoT devices have been designed for ease of use as default. But good usability alone isn’t always good security. As the example of the smart coffee machine shows, it’s all too easy to make a simple mistake that compromises the production environment which was supposed to be foolproof. Even air-gaps don't guarantee security.

Three ways to protect your assets

There are several measures you can take to make your manufacturing environment more secure and mitigate the risks that the IoT brings:

  1. Never install the IoT devices using the default settings. Always customize the settings for best possible security, taking into account your particular environment.
  2. Make sure that your security processes are up-to-date. Only people who are allowed to install devices and software should do so. As we’ve seen, you can’t even have coffee machines installed without keeping an eye on security and giving the task only to authorised personnel.
  3. Perhaps most important of all, you need to have total visibility to the security posture of your company and all its assets. You must know every Internet-connected machine on company premises. It’s all too easy to bring in an innocent gadget that opens up the whole company to attackers.

Today, everything is connected. Although connectivity opens up excellent business possibilities, it also brings a multitude of unprecedented risks.

So take a deep breath, check all the items in the list above, and enjoy a good cup of coffee. You’ve deserved it.

Attend Tieto´s security webinar to find out more about the cyber risks in manufacturing industry and how to survive! Actually, the webinar will be very relevant and useful for businesses in any industry.

Next webinar in Finnish: Miksi tietoturva on valmistavalle teollisuudelle kriittisen tärkeää? on October 3 at 9 EET, 2017

Stay up-to-date

Get all the latest blogs sent you now!