Your browser is out of date

You are currently using Microsoft Internet Explorer. To use this website without problems, we recommend that you install a new browser (e.g. Google Chrome, Mozilla Firefox, Apple Safari or Microsoft Edge).

I am interested in
The “Search” function is not available at the moment, please try again later.
Please get in contact with us. To contact form

IT and OT: When hackers access equipment

Automation and digitalization of processes is making progress: equipment is often networked and controlled via the Internet. For companies this brings both new possibilities and new risks. Hackers can use the Internet as a gateway to manipulate equipment. How can SMEs protect their equipment (operational technology)?

25 April 2019, Text: Natascha Fabian, Photo: Helvetia

Two men and one woman are standing infront of a machine and staring at it.
Equipment is often networked and controlled via the Internet. Hackers can use this as a gateway to manipulate equipment.

An example: An industrial company is a provider of 3D print components. In order to implement a high level of automation and correspondingly efficient processes, IT and OT systems (OT, Operational Technology) are networked. To make remote access possible, the OT network also had to be connected to the Internet.
This end-to-end network connection ensured a very high level of print quality. Suddenly it is noticed that defective parts were printed. A hacker has succeeded in entering the system via the Internet and changing some of the equipment parameters.

Five preventive measures

Be aware of the new risks and protect yourself with preventive measures:

  1. Install security measures to prevent unauthorized physical access (e.g. lockable room, alarm system, lockable switch cabinet, fence, etc.)
  2. As with IT, protect the OT system access points with technical security measures (firewall, VPN, encryption, access restriction, etc.) 
  3. Segment the IT and OT systems in different networks so that a virus cannot spread throughout the entire company network. There is no reason why, for instance, a computer used for book-keeping should provide access to a production facility 
  4. Implement back-up management. Back up the relevant system configuration too (software, parameters, etc.)
  5. Define a recovery strategy: How can you reboot the system again as quickly as possible after it has been infected

Cyber insurance covers the costs arising from…

- a loss analysis (forensics) to determine the cause and extent of the insured loss
- restoring the system (incl. removing malware, resetting parameters)
- additional costs for restoring operations as quickly as possible
- loss of earnings resulting from the interruption of operations, which can happen in the event of cyber damage
- restoration of the defective parts (incl. transport, repair or disposal, etc.)

In addition, in the event of a claim, Helvetia offers access to a network of experts comprising IT and OT security specialists, among others.

Please check your internet connection