Over the years, Siemens has become one of the major industry players to tackle issues involving cybersecurity. To better focus on this critical problem, on November 10, 2014, the company opened its Cyber Security Operations Center in Milford, Ohio.
A big industry wake up call came in June 2012, when the Stuxnet computer worm attacked industrial PLCs controlling nuclear centrifuges in Iran, reportedly causing many of the fast-spinning centrifuges to tear themselves apart. Introduced with an infected USB drive, the virus propagated across the network, scanning for Step7 software on computers controlling a PLC, modifying the code and giving unforeseen commands to the device, while returning normal operating values to users who thereby remained unaware of any danger.
During the opening of its new center, Siemens executives and industry thought leaders discussed the importance of monitoring and thwarting the rapidly growing onslaught of cyber threats.
Eric Spiegel, Siemens USA president and CEO, says companies should be worried because new trojans, viruses and worms continually target critical infrastructure—the mainstay of civilization as we know it. "The challenge is things are changing so rapidly, for instance, equipments such as robots and lasers are becoming increasingly software-led, machines talk to machines, and smart buildings continue to pop up everywhere. Companies therefore need new business models around cyber. Also, a big question that arouse after 9/11 is how do people protect their information?"
No doubt our digital dependency is a double-edged sword. As John Michael McConnell, senior executive advisor, Booz Allen Hamilton, ADM USN (Ret), explains, "Gutenberg invented the printing press, and 100 years passed before its effects were felt. In contrast, today's technology has changed the world in less than a generation and most of industry has lagged behind. Think of the Internet as both a set of services and a 'surveillance' network. It is a benefit to society in terms of connectedness, but is also a poison fruit because it makes us vulnerable. Because good attackers will always persist and always get through a firewall, the best approach is to monitor and respond."
McConnell explains that when hearing the term "threat profile," most companies think of criminals who want financial information such as with the Target and Home Depot hackings. Over one third of the nation's population had their personal information compromised in these attacks. However, the real threats are to nation-states.
For example, China produces thousands of malware apps per year for economic espionage, says McConnell. "Chinese companies get the results of huge research and development projects that cost U.S. and European firms millions of dollars, then use the results for a competitive advantage."
In addition, nation-states are digitally dependent and therefore a likely target of terrorist groups. "The U.S. is the most vulnerable nation in the world because it has an economy of $16 trillion a year, $13 trillion a day of which goes through two banks in N.Y.C. If you were a terrorist, wouldn't you target these banks? The same kinds of things apply to infrastructure. That said, with vulnerability also comes opportunity. For instance, scientists can now analyze big data for better medical care. This kind of predictive analysis is the wave of the future."