Industrial defenses have improved; so have attacks
In practice, most large industrial facilities are moving to secure their own internal factory networks using technologies such as SD-WAN, private 5G networks, network segregation, isolation of production environments from the corporate network, and active monitoring against threats to factory machinery. All the same, attackers always hope that complex, well-planned combination exploits will find some way into even those most private and secure portions of corporate systems.
What happened at Foxconn
In this particular case, it doesn’t look as if the attack was made against connected industrial equipment at Foxconn. Wired reports a little of the events that took place:
- The attack was identified on May 1.
- Foxconn’s network collapsed.
- Wi-Fi failed first, then the disruption extended to core plant infrastructure.
- As the attack unfurled, workers were told to switch off their computers.
- They were also instructed not to log back in under any circumstances.
- There were previous attacks on other Foxconn facilities and subsidiaries, suggesting regular assaults on the company.
The attackers claim to have stolen key confidential data belonging to Foxconn clients, though sample files published by them don’t seem to include any Apple-related materials.
While it is easy to get lost in the shock value of what seems to be a successful attack against an Apple supplier, the underlying story should be a warning to every company as it highlights the febrile nature of the current threat environment.
