Open Telekom Cloud for Business Customers
 

Complex simulations in IT security

Photo shows a model from the KORAMIS laboratory.
A model in the laboratory: Via the Open Telekom Cloud, KORAMIS helps to secure the IT of power plants, production plants and manufacturing plants.


In this article you will read about,

  • why industrial security specialist KORAMIS from Saarbrücken uses the Open Telekom Cloud,
  • why KORAMIS' customers particularly benefit from the low provisioning costs
  • and how KORAMIS makes its customers' plants more secure.

No matter if it’s sabotage, malicious code or an online attack: Two out of three companies expect the number of so-called industrial security incidents to continue to increase, according to the only survey ever done on the issue by the VDMA German Mechanical Engineering Industry Association from 2014. The group wanted to determine the status of IT security among German machinery and factory makers. The result was shocking: Some 29 percent of all firms surveyed had already been forced to halt production due to industrial security incidents.

KORAMIS is working to make industrial plants more secure. The industrial security specialist from the western German city of Saarbrücken uses the Open Telekom Cloud for simulations to detect, among other things, IT weaknesses at production facilities and develop the appropriate protective measures. “Industry is being much more heavily targeted by hackers than many companies realize,” explains Marco Di Filippo, Lead Cyber Security Engineering at KORAMIS. With boosted value in mind, many factories are being networked with other facilities and set up for remote maintenance. But if every single piece of equipment is accessible via its own IP address, a factory’s systems become vulnerable.

 

Honey Train Project: Attracting hackers with a fake company

The “Honey Train Project” shows what that really entails: KORAMIS simulated a fictitious transit company in the Cloud and put it online. The simulation didn’t just include realistic websites with timetables, ticket information, notice of events and user interactions. It also had virtual firewalls, surveillance cameras, servers and a complete network of tracks with all the usual sensor readings – switches and pneumatic pumps, signals and gate systems.

In parts KORAMIS simulated the „Honey Train Project“ as a model in the laboratory.

More than 19,000 parameters created a perfect illusion for hackers. They attacked as soon as the project went online.

  • Security scans by KORAMIS showed that 27 percent of the hacking targeted the transit authority’s media servers
  • 34 percent targetedthe firewall
  • 39 percent, which is the majority of the hackers, attempted to hijack the control systems
Photo of the model simulation of „Honey-Train-Project“ by KORAMIS Industrial Security.
KORAMIS has also simulated the "Honey-Train-Project" in part as a model in the laboratory.
 

Improving network security and detecting IT threats

To ensure hackers never make it that far in the real world, KORAMIS secures the facilities of its customers. Just like with the Honey Train Project, KORAMIS simulates real production and operational systems to sniff out their IT weaknesses. To do this, the company relies on Deutsche Telekom’s Public Cloud offering based on OpenStack.

 
Marco Di Filippo, Lead Cyber Security Engineering at KORAMIS Industrial Security
 

The Open Telekom Cloud always provides us with the exact capacity we need. Depending on the task, type of project and duration, we select virtual processing and storage resources with the click of a mouse.

– Marco Di Filippo, Lead Cyber Security Engineering at KORAMIS

For example, KORAMIS might be using 250 processors at peak times, but only 16 CPUs during normal operations.

Saving time and money

Plus, KORAMIS can run its operations spread over multiple servers, saving both time and money. If the company wanted to do that on it’s own, it would have to buy and maintain all that hardware. But thanks to a pay-as-you-go model, users of the Open Telekom Cloud are only charged for what they need, or they can benefit from the fixed prices offered by long-term contracts.

The services provided by KORAMIS are in high demand, especially because they comply with strict German data protection standards. “Hosting and operations of the Open Telekom Cloud take place in Germany according to local law,” says Di Filippo. “Data protection is very important here. And that’s something that our customers, who, for example, come from the energy and automotive sectors, really appreciate.”

 

Cover Reference flyer KORAMIS

Security weak points analysis in the cloud

Learn how KORAMIS conducts vulnerability analysis with the Open Telekom Cloud.

 

At a glance: KORAMIS and the Open Telekom Cloud

  • Company: KORAMIS GmbH
  • Founded: 1999
  • Headquarters: Saarbrücken
  • Sector: Services
  • Employees: 35

The company:
KORAMIS GmbH has been creating customer-specific solutions for automation, process engineering and network control technology since 1999. KORAMIS is a leading provider of holistic solutions for industrial continuity management (ICM), with special focus on industrial security, industrial software and industrial automation. In order to continuously improve security processes and solutions, KORAMIS works closely with specialized institutes, technology partners and systems suppliers and is actively engaged in developing industry standards.

The challenge:
250 Prozessoren in Spitzenzeiten und 16 CPUs im Normalbetrieb: Je nach Auftrag, Projektart und Dauer benötigt der Industrial-Security-Spezialist unterschiedlich ausgeprägte, teils extrem leistungsstarke Rechenressourcen.

The solution:
KORAMIS has relied on the Open Telekom Cloud since 2016. Deutsche Telekom’s public cloud offering provides users flexible and scalable IT resources, as well as pay-as-you-go models or fixed prices with long-term contracts. Hosting and operations take place inside Deutsche Telekom’s highly secure data centers according to strict German data protection laws.

The result:
KORAMIS benefits from maximum flexibility and streamlined, transparent cost structures: Using a pay-as-you-go model, the company is only charged for what it truly needs. Processing and storage resources are available at the click of a mouse. And if the service provider travels around the world to a customer, the Open Telekom Cloud comes along for the ride: Switch and Internet connections are all that are needed to ensure the industrial security experts can get the job done.


This content might also interest you
 

A man is typing on a keyboard, in the foreground of the image you can see digital icons such as a cloud cloud or folders

Data exchange with end-to-end encryption

Segusoft enables companies to exchange data securely and without software via the web browser. The Open Telekom Cloud delivers the possibility of optimal encryption.

 
2 hands, with a smartwatch on the wrist, working with a pen on a tablet, in the foreground on the picture various digital icons e.g. of a folder structure

42DBS: Managing sensitive documents securely

The company 42DBS, a subsidiary of the Slovenian Zejn Group, supports with its software suite ShakeSpeare solutions to digitize certain work steps for businesses, such as digitally signing invoices or powers of attorney.

 
A man clicks on a mouse in front of a laptop, in the foreground are digital icons over the image

Encrypted even during data processing

Data encryption during storage and transport is old hat. Confidential computing also allows encryption during data processing. We explain how it works here.

 
 
  • Communities

    The Open Telekom Cloud Community

    This is where users, developers and product owners meet to help each other, share knowledge and discuss.

    Discover now

  • Telefon

    Free expert hotline

    Our certified cloud experts provide you with personal service free of charge.

     0800 3304477 (from Germany)

     
    +800 33044770 (from abroad)

     
    24 hours a day, seven days a week

  • E-Mail

    Our customer service is available free of charge via E-Mail

    Write an E-Mail