vironment, but not for attack purposes in the open field.
But you also need the real environment to test your tools,
and with it the defense. ’If you let such tools haunt your house,
however, things can happen in our networked environment
that we just can’t control. So we are very careful. But the goal
needs to be that our networks can withstand it.
è We live in an increasingly networked world. But we
only think about safety after something has already hap-
pened. Is that an accurate perception?
Many smaller companies actually act in this way, which is very
critical. Larger companies are usually much more cautious.
The IT at Phoenix Contact, for example, is always alert. For
example, production is completely decoupled from the normal
office network.
è What made Phoenix Contact start to think about
things like this?
We started in 2002 at the Berlin startup Innominate with the
è Is the overall threat situation increasing? topic of mobile firewalls, but quickly advanced into the field
Definitely. Statistics from our industry are difficult to obtain, of industrial automation. Phoenix Contact then took over In-
but the damage reported to the FBI from cybersecurity inci- nominate in 2008.
dents in the US has increased tenfold over the last ten years, However, the Phoenix Contact Group can’t only rely on
from 2008 to 2018, from 200 million to 2 billion dollars. These firewalls; we also need to consider data security in all its pro-
are absolutely realistic figures. cesses. My job is to democratize the topic of security to a cer-
tain extent. We make training programs, educate people, de-
è Who are the bad guys? And what are their motives? velop tools. Everyone who writes software has to face the issue
There are all kinds of different attackers. There’s the indi- of security and follow certain guidelines.
vidual who acts, but the damage usually isn’t that enormous.
¬This can be for anarchic motives, but also for very tangible
economic reasons. Malware that can actually be purchased is
often used, which is also common in apps.
Then there are commercial organizations where you can
buy high-quality attacks for money, such as service providers
for organized crime in Russia. And you hear of Chinese groups
acting upon behalf of the state. The result would be a limbo.
And then there are the state actors, such as the NSA, the
Chinese People’s Army, or our very own Bundeswehr, which is
also in preparation mode. You can get an idea of the alleged
people involved by reading the time stamps of the server ac-
tivities. Shockingly often, you’ll find matching times from a
very specific time zone. Even cyber-pirates keep regular office
hours.
è How do you train your cyber defenses when you’re one
of the “good guys” yourself? How can you get the tools
you need if you yourself aren’t an attacker?
You don’t have to go the Darknet or anything. Even the NSA
publishes tools from time to time, you can just download
them. Or buy it on eBay for 10 dollars. You’re also allowed to
use them in Germany for laboratory purposes in your own en-
12
UPDATE 4/20
The Phoenix Contact innovation magazine