Tag: manufacturing

IT Security A Major Stumbling Block To Smart Manufacturing

The Internet of Things holds tremendous promise for the manufacturing space. But smart factories may still be more than a decade away, due in part to a lack of solid IT security controls, according to a survey of 1,300 German manufacturing firms and academics. The survey of 1,300 members companies and universities by the German Association for Electrical, Electronic, and Information Technologies (VDE) found that only 20% anticipated adoption of “smart production” (or “Industry 4.0” – as its referred to) by the start of the next decade. In contrast, 70% of those surveyed doubted that smart manufacturing goals would be achieved by 2025, despite obvious advantages. Why the skepticism? One commonly cited reason is a lack of strong IT security. According to a write-up on SAP’s blog, IT security was the most oft-cited obstacle to setting up smart factories. Sixty six percent of those surveyed cited security concerns as a reason to […]

Digi Serial Servers

Update: Serial Server Flaws Expose Critical Infrastructure

A survey conducted by the firm Rapid 7 has found evidence that widespread vulnerabilities and insecure configuration of ubiquitous networking components known as serial port (or “terminal”) servers, may expose a wide range of companies and critical assets – including point of sale terminals, ATMs and industrial control systems – to remote cyber attacks.(*) The vulnerable devices connected hardware like retail point-of-sale systems at a national chain of dry cleaners, providing direct access to employee terminals from which customer payment information could be accessed. Other exposed systems were used to monitor the location of cargo containers, train cargo as well as HVAC and industrial control systems, Rapid7 said. In the Rapid7 survey, over 114,000 unique IPs were identified in a scan using the Simple Network Management Protocol (SNMP), the vast majority manufactured by one company: Digi International. If left unaddressed, the vulnerable devices give remote attackers direct, administrative access to hardware devices […]