finance
monthly
Personal Finance. Money. Investing.
Contribute
Newsletter
Corporate

A number of the world’s biggest private equity firms, including Silver Lake Partners LP, Thoma Bravo LP and Blackstone Group Inc, have seen their stakes in software firms greatly devalued following a wide-reaching hack on software provider SolarWinds Corp.

SolarWinds stock has slid 20.8% from last week’s close after reporting on Sunday that suspected Russian hackers had inserted malicious code into software used by the company to carry out updates, allowing the operatives to access sensitive systems undetected.

The “Sunburst” operation, remarkable for its size and sophistication, constitutes the biggest cyberattack against the US government in more than five years. Around 300,000 companies and agencies use systems provided by SolarWinds, with around 18,000 believed to have used compromised versions of its software since the attack began in March.

SolarWinds’ customers include most US Fortune 500 companies, all of the top 10 US telecom providers, the US military and various other government branches. The UK government and the NHS are also listed among the company’s clients.

Silver Lakes holds a stake of nearly 40% in SilverWinds. Following the plunge in the value of its shares, this stake is now worth $2.3 billion, and Thoma Bravo’s 33% stake is now worth $1.9 billion.

Blackstone’s $400 million November donation in cybersecurity firm FireEye Inc also suffered from the hack, as the company’s shares fell 11% after hackers stole a collection of hacking tools used to test clients’ cyber defences. FireEye, which has contracts across the US national security sector and with its allies, uncovered the SolarWinds breach while probing this attack.

[ymal]

Regulatory filings showed that, following the theft of its tools, FireEye amended its deal with Blackstone and co-investor ClearSky to make it more favourable to the private equity companies. The firm opted to convert the FireEye-preferred shares that the investors stood to receive to common stock at $17.25 rather than the initially agreed $18.

FireEye shares traded at around $13.58 on Tuesday afternoon.

London-based airline EasyJet revealed on Tuesday that nine million customers’ personal information was stolen in what it called a “highly sophisticated” cyber-attack.

In addition to email addresses and travel details being accessed, 2,208 of those customers affected also had their credit card information stolen. EasyJet clarified that no passport details were uncovered in the breach, and that it would contact those affected.

It is not yet known how the historically large data breach occurred, but EasyJet said that it had “closed off this unauthorised access” and reported details of the incident to the Information Commissioner’s Office (ICO) and the National Cyber Security Centre.

The size of the breach raises the possibility of EasyJet being forced to pay significant compensation, as was the case for British Airways after the personal information of 500,000 customers was stolen. In that case, the ICO fined the airline £183 million.

A similarly sized fine would likely be a significant blow to EasyJet, which has already said it expects to make a loss of around £275 million this year as the COVID-19 pandemic continues to drive demand for air travel through the floor.

Reacting to the news, Tony Pepper, CEO of Egress, called the breach “another stark reminder that airlines must take a comprehensive risk-based approach towards protecting customer data”.

“For organisations, it remains crucial they continue to prioritise data security at all times, but especially when there’s widespread introductions of new systems as there has been in response to sustained remote working during the COVID-19 pandemic.

With the worldwide number of robots in smart factories now topping a million, Ross Thomson cites a lack of awareness as the reason most operators haven’t tackled the threat.

“Many firms believe hackers only want personal or financial data, but there is a credible risk to industrial robots,” says Mr Thomson, Principal Consultant at Amethyst Risk Management, which advises government and industry on cyber security.

He points out the risk is growing as robots, like other devices, are increasingly connected to wider networks and the internet. That gives hackers more ways in, and the consequences are potentially disastrous.

In one example, attackers locked up a robotic assembly plant in Mexico and demanded a ransom from the operators. Mr Thomson also highlights the safety risk for human factory operatives if a robot were to be hacked.

Lack of awareness and preparedness for a cyber-attack extends to robot makers. Mr Thomson points to an experiment where researchers hacked a robotic arm and forced it to mis-perform, compelling its manufacturer to plug the security hole.

Nightmare scenarios

The threat might come from disgruntled employees, criminals, recreational hackers or nation states.

One kind of attack would inject faults or defects in the production process, or lock it down completely as in the Mexican incident, leading to loss of production and revenue. If defective products make it to market, they can cause reputational damage, a potential advantage that could motivate an attack by unscrupulous competitors.

By manipulating safety protocols, hackers could cause the robot to injure human operators, or to damage itself or the factory environment. Alternatively, attackers might attempt to steal sensitive data from the machines themselves or the wider company network through remote access.

How easy is it to hack a robot? Ease of access to the software varies, making an inside job more likely in some scenarios. Firmware may be freely available online or retrievable from used robot CPUs, and some manufacturers allow programmers to access code in a simulation environment, creating a potential practice ground for would-be robot hackers.

Hackers have other ways to infiltrate, other than via the internet. They may attack from within the factory, for example connecting to the robot directly through a USB port, or physically accessing its computer controller directly or via remote service.

Once they have penetrated the system, they can potentially alter the controller’s parameters, tamper with calibration programmes or production logic and alter the robot’s perceived state, for example to show it is idle when it is not, or its actual state causing loss of control.

How big a risk?

The scale of the threat could be enormous. It’s estimated there will be 1.3 million robots in factories worldwide by next year (2018) and that 12 per cent of jobs will have been taken over by automated systems within a decade anda half. Robots are operating across almost all industrial sectors from car manufacturing to aviation and food processing.

The UK’s National Cyber Security Centre has highlighted hacking of robotic, unmanned and autonomous systems as a subject for attention, both by itself and by the intelligence organisation GCHQ.

A survey of robotic engineers by Italian academics found three quarters had never properly checked cybersecurity in their infrastructure, a third of robots were internet accessible and half of respondents didn’t see a realistic cyber security threat. To make matters worse, industrial robots often have weak authentication protocols and outdated software running on vulnerable operating systems

Operators need to take the necessary precautions

Mr Thomson urges operators of industrial robots to conduct a professional review of cybersecurity risks, have an incident response plan in place in case of a security breach and ensure that software is regularly updated, especially with security patches. The security review should look at what data robots hold and how they are potentially connected to sensitive data elsewhere on the network.

“Considering the risk to production, people and facilities, it must be taken seriously from board level to operational level,” he says. “An internet-connected robot should be treated with the same security precautions as any computer on the network, including setting long, complex passwords rather than relying on manufacturers’ default. There is a temptation to neglect updates because they may cause production downtime, but it needs to be given a higher priority.”

He advises operators to make security a key factor when sourcing new industrial robots, selecting a manufacturer that shows commitment to the issue and provides frequent software updates with security patches.

“Limiting who has access to robots and segmenting machines from networks where possible can also reduce risk,” he advises.

Ultimately, one of the most effective precautions is also one of the most prosaic, and may comfort those who fear their jobs will be stolen by robots, as Mr Thomson explains: “It’s hard to imagine a time when we dare leave robots to get on with it, so until and unless that day comes, we need humans to keep watch on robots at work.”

(Source: Amethyst Risk)

About Finance Monthly

Universal Media logo
Finance Monthly is a comprehensive website tailored for individuals seeking insights into the world of consumer finance and money management. It offers news, commentary, and in-depth analysis on topics crucial to personal financial management and decision-making. Whether you're interested in budgeting, investing, or understanding market trends, Finance Monthly provides valuable information to help you navigate the financial aspects of everyday life.
© 2024 Finance Monthly - All Rights Reserved.
News Illustration

Get our free monthly FM email

Subscribe to Finance Monthly and Get the Latest Finance News, Opinion and Insight Direct to you every month.
chevron-right-circle linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram