By anonymous author.

Today in the afternoon we were talking about the negative aspects of digitization, the impacts of industrial malfunction and how we could protect us and manufactures of its cyber-attacks. Or more shortly: The probability of a World War 3.0.

Before that, we heard already how the blockchain technology could change the business completely in a way like the industrialization changed the world in the 18th century.

(Quelle: https://www.coinpro.ch/was-ist-die-blockchain/)

Are we aware about of the risks of digitization in the (food) business?

As a preparation for this interesting afternoon, we read a post of our professor on LinkedIn with the title “From advanced manufacturing to malfunction – through digitization to downtime”. There he gives a fair warning of the digitization of (food) business. Following some statements out of this publication:

“The manufacturers of new machines often stress the opportunities and benefits but rarely, if at all, discuss the risks.”

“Cyber-Safety” is an interesting profitable business model with an exponential growth rate.

“If a company’s manager demands administrator rights, the subject of IT security has definitely not been fully understood, and cannot be lived.”

Summary of the movie: Zero days – World War 3.0

Let’s face it! Has World War III already began?

As an example of the risks of digitization on the business, we watched the film Zero days – World War 3.0 which tells the story about the first real computer worm, who threats the world economy. In the media, the worm is better known as Stuxnet. The programmers called it OC – Olympic Games.

Stuxnet is a secret, nobody of the officials is allowed to talk about it because it has security clearance. Stuxnet attacks the frequency inverter of the SCADA-System which is often used in the energy industry. It was first identified by a company from Belarus. The worm was programmed to work autonomously. Zero-Day-Exploit has been used to spread the malware by its own. The Malware included Certificates that where approved by Windows, but in fact were stolen from two companies in Taiwan. Stuxnet was programmed to search for a specific aim, because it didn’t attack all controls. It attacked the centrifuges of the Iranian Nuclear Program in Natanz, Iran. The exact aim of Stuxnet were the six cluster of centrifuges, by manipulating its controlling system.

Stuxnet might be the first, biggest and most sophisticated example of two states using a cyber weapon for offense purposes.

After Stuxnet was detected by Iran and other countries, they adapted the code for their own interests and spread it back to where it came from.

Furthermore, the war in Iraq and Afghanistan caused the restart of the Iranian Nuclear Program which was bigger and faster than before.

USA and Israel were hit with their own weapons and forced do deal with Iran about the Nuclear Program, to protect their own economy from damages caused by Stuxnet.

How can we protect our business?

Unfortunately, cyberwar rules are only supported by countries, who are under attack or have poor cyber weapons so far. Other ones don’t claim any cyberwar rules yet.

Further, some companies see a new business model in protecting computers and their systems by selling virus protection, but it just seems to be a modern way of a protection racket.

Could an offline life be a better solution?

I’m afraid not! A system is never completely offline. Even it is independent, it comes sometimes in contact with the internet, due to software updates, the transmission of protocols and so on. But we learnt, how a minimally secured system can prevent you from hacking attacks. We discussed the different solutions to secure data and to re-install systems. This could be a decentralized server, a Secure Sockets Layer (SSL) or the creation of good passwords, etc.

Companies have to protect their data and systems on their own, whereas governments have recourses from the secret service and defence forces with huge financial opportunities. It is unclear whether insurance make sense. Often, it’s just a “save my ass” campaign of the management board, that they can say, that they have done everything to prevent hacker attacks and the costs of their damage.