Wir

Better protected together

With growing digital networking, the cyber security risks for the manufacturing industry are also increasing. Körber supports companies in protecting themselves against disruptions caused by ransomware.

On a Friday afternoon in May 2021, the billing system of the US company Colonial Pipeline suddenly suspended the ability to issue invoices to customers – a massive malware attack initiated by the Russian hacker group DarkSide. The blackmailers also stole almost 100 gigabytes of data and threatened to publish it on the internet if no ransom was paid. Colonial Pipeline transports oil from Texas to the southeastern United States. About 45 % of all fuel consumed on the US East Coast passes through this pipeline system.

State of emergency in 17 US states

The effect was enormous: Colonial Pipeline immediately ceased operations and paid the Bitcoin ransom demanded by DarkSide of the equivalent of around US$ 4.4 million – in exchange for a software tool to bring the IT system back online. It was only six days later that pipeline operations could restart. In the meantime, there were acute petrol shortages, panic buying and price increases in the affected regions. US President Joe Biden declared a regional state of emergency for 17 states.

The cyber attack on Colonial Pipeline was the most sensational and consequential in a growing series of similar attacks. Ransomware has long since become a global threat to companies – be it through system, order and production downtimes, massive competitive disadvantages, high recovery costs or the lasting loss of trust among business partners.  According to estimates by the US software manufacturer McAfee, global ransomware damage more than doubled between 2018 and 2020 alone - to a total of around 1.1 trillion US dollars (to the study).

The vulnerability of IT systems is particularly virulent in the area of operational technology (OT).

The insidious – and thus particularly dangerous – thing about the latest attacks à la Colonial Pipeline is that they are not carried out directly, but via hacked access to the network of a third-party company – often an IT provider that controls the software of Colonial Pipeline & Co. These so-called "supply chain attacks" have been booming for years, and they increase the threat potential especially in the manufacturing industry with its often highly complex supply chains. The advantage for the criminals: Hacking a software provider gives them access to various company networks in one fell swoop.

Dr Christian Schlögel, Chief Digital Officer (CDO) at the Körber Group

More networking, more attack surface

"The increasing convergence of information technology (IT) and operational technology (OT) exposes manufacturing infrastructures to a particular risk," says Dr Christian Schlögel, Chief Digital Officer (CDO) at the Körber Group. In the course of digitization the threat potential continues to grow: "The booming use of software in industry, cloud-based industrial controls, networking with partners and third-party manufacturers, as well as remote support as a result of the Covid 19 pandemic, are increasing the attack surfaces.

At the same time, according to Schlögel, transparent data sharing in particular is crucial for advanced, intelligent and efficient manufacturing. "The future of the manufacturing industry is digital and hyper-connected," Schlögel says. "Cyber security is increasingly becoming a central factor for sustainable business success for manufacturers. Our role at Körber is to help leverage the enormous digitization potential for the industry by also effectively protecting our customers from cybercrime."

Forgoing the benefits of digitization is not an option here, as it provides enormous advantages in increasing overall plant efficiency, faster transparency in the event of bottlenecks, networking with customers and suppliers, and making manufacturing more flexible. "The use of support systems in manufacturing through artificial intelligence is a great lever for efficiency control and sustainable production that we need to take advantage of," Schlögel explains. It is also important to understand that the security problem already exists today in the use of software in so-called on-premise operation, i.e. not only in cloud applications.

The range of potential security vulnerabilities has increased significantly in the course of digitization.
Andreas Gaetje, Chief Information Security Officer (CISO) at Körber

As Chief Information Security Officer (CISO), Andreas Gaetje is responsible for the digital security of Körber and its customers. Together with his team, he has been setting up a cross-business area Cyber Defence Center (CDC) in the Portuguese city of Porto since summer 2020 in order to develop integrated protection solutions for the increasingly complex cyber security challenges. In addition to Körber's internal systems, the main focus is on infrastructures provided for customers. "Developing effective protection mechanisms for industry requires first and foremost a strong understanding of machine manufacturing," says Andreas Gaetje.

Main focus on prevention

Gaetje's team is developing protection systems based on the Cyber Incident Response Cycle (CIRS) – a five-stage model that is used in a similar form in the security sector worldwide. "Our first focus is on systematic preparation and prevention, the Prepare and Prevent stage," says Andreas Gaetje. Here, it is a matter of quickly finding and repairing vulnerabilities and successively building up a consistent security design that corresponds to the changes in today's production landscapes. "The more the Industrial Internet of Things (IIoT) takes hold, the more the number and complexity of the sensors and end devices to be protected increase," says Andreas Gaetje. "In addition, long life cycles often apply in mechanical engineering and the software control must bridge a large age difference between the machines. This has to be taken into account in the safety concept."

Körber develops digital protection systems based on a five-stage model

The Detect level is used to identify anomalies and indications of possible attacks in running systems and to enable the most permanent monitoring possible using innovative tools - Körber uses an arsenal of security technologies here to monitor all servers and data flows and to detect suspicious activities at an early stage using AI-based solutions. At the Respond level, Körber directs effective measures in the event of acute cyber attacks – the most difficult task, according to Andreas Gaetje, as work has to be done under immense time pressure. An effective backup strategy for restoring data is central to this. Finally, the Learn level: "Crisis experiences usually offer us the highest learning potential to better master the next crisis," says Andreas Gaetje. "This allows us to constantly improve our processes and communication within the group and with our customers."

SIEM provides central control

These Mechanisms apply not least to Körber itself. "We store and transport large amounts of data for our customers," says Andreas Gaetje, "so it is fundamental for them to know that their data is in safe hands with us." At Körber, a central control system – called SIEM – ensures that the logs of all business areas are monitored centrally. In this process, the technologies in the cyber defence area are continuously being further developed. "The threat situation is constantly changing," explains Andreas Gaetje. "What seems secure today can be a gateway tomorrow. Especially in the OT area, there is a huge need to catch up in order to master these requirements together."

Related news

A good decision – Körber!

Learn more about why choosing Körber is always a good decision.

Read more
Tech

Better protected together

With growing digital networking, the cyber security risks are also increasing. Körber supports companies in protecting themselves against ransomware.

Read more

Körber pays Corona premium for all employees

Special payment as a thank you: Körber will pay a bonus of 500 Euros to all employees worldwide for the year 2020.

Read more

We are here for you – in every situation!

The safety and health of our employees, business partners and customers is our highest priority in times of the Corona pandemic.

Read more

Making society better: The Körber Foundation turns 60

A socially committed foundation is celebrating an anniversary. The Körber European Science Prize has been one of its flagship projects.

Read more

How we put our Fundamentals into practice

Our Code of Conduct requires all employees and suppliers to act in an ethical manner and obey all laws.

Read more

Körber - From a basement workshop to a global technology group

Our unique entrepreneurial journey started in 1946 - with a small workshop in the basement of an industrial building in Hamburg’s district Bergedorf. Since then, we have been developing innovative cutting-edge technologies from a broad mix of industries around the globe to make our customers even more successful. Our entrepreneurial roots also provide motivation and drive for this. Curious? Then join us on a brief journey through the history of the Körber Group.

Read more

The Körber Foundation: Shaping Change

Promoting involvement and taking on societal responsibility.

Read more

Always thinking ahead

Entering the future based and focused on sustained success: The Körber Group Executive Board and the Supervisory Board of Körber AG.

Read more

We are Körber

At Körber, the future is ours to create — with innovative solutions and cutting-edge technologies.

Read more

Körber Purchasing & Supply Chain Management: Acting future-oriented and shaping together

Körber, as a globally leading technology group, therefore places great value on the optimal purchasing of materials and services.

Read more

We are the home for entrepreneurs

Who we are. What we want to achieve.

Read more
Responsibility

Our Sustainability Report 2022

The Körber Sustainability Report provides an overview of the main environmental, social and economic developments in the fiscal year 2021. We outline our most important activities by documenting what we have accomplished already.

Read more
Responsibility

Sustainability in our supply chains

Sustainable business is becoming the standard approach, encompassing responsible supply chains, environmentally friendly procurement, and trust-based supplier relationships.

Read more
Responsibility

Diversity under a single brand

At Körber, we want to be the first choice for everyone who works with us already today and in the future. That’s why our entrepreneurial diversity is also reflected in our employees.

Read more
Responsibility

Measuring the impact on the climate

Only what is measurable can be managed in a targeted manner and sustainably improved. Our path to climate neutrality therefore begins with an objective and optimally comprehensive inventory of the greenhouse gas emissions that have been generated directly and indirectly.

Read more
Responsibility

Protecting value: Cybersecurity at Körber

Cyberattacks not only endanger the company's success — they also hinder innovation and progress. In an interconnected world, reliable data protection and network security are essential to a sustainable corporate culture. Körber is taking on corporate and social responsibility by means of its own Cyber Defense Center (CDC) and a multi-level security concept.

Read more
Tech

Why AI is the most shaping technology in this decade

Follow our expert discussion in the Körber Xperience about artificial intelligence and learn what this revolutionizing technology will bring in the future.

Read more
Responsibility

As a technological leader, we invest in a better tomorrow

Sustainability is part of our DNA and our convictions. Together, we at Körber want to be the first to do the right thing at the right time.

Read more
Back to top
Back to top