Following the news that ThyssenKrupp has suffered a cyber-attack, Andrea Carcano, Founder and Chief Product Officer at Nozomi Networks commented below.

Andrea Carcano, Founder and Chief Product Officer at Nozomi Networks:

andrea-carcano“The reported attack on the ThyssenKrupp Steel Mill is of obvious concern. This is not the first time a German steel mill has been targeted. A successful breach of a German steel mill’s control systems [https://www.wired.com/2015/01/german-steel-mill-hack-destruction/] in December of 2014  manipulated and disrupted the control systems of the a German steel mill blast furnace, resulting in a massive fire and shutdown.

“The ThyssenKrupp attack appears to have only extracted intellectual property (IP) and hasn’t caused property damage or compromised personnel safety. However, given the reported depth and sophistication of this intrusion, it may be that this was to be a multi-step attack and that the adversaries were planning a long-game in which IP, such as design and production information, is collected in order to perpetrate a future attack with severe consequences.

“Fortunately for ThyssenKrupp the discovery of the breach at this stage should ensure that steps can be taken to further protect the control systems that might have been the ultimate target.

“Steel mills and other critical infrastructure components are now in the cross-hairs of sophisticated and well organised hackers whose goals of malicious disruption are broad and varied. Stepping up the detection of cyberattacks of IP theft and, more importantly, the industrial control systems that operate critical infrastructure facilities from manufacturing to energy production will lead cybersecurity priorities in 2017.”