No matter if it’s sabotage, malicious code or an online attack: Two out of three companies expect the number of so-called industrial security incidents to continue to increase, according to the only survey ever done on the issue by the VDMA German Mechanical Engineering Industry Association from 2014. The group wanted to determine the status of IT security among German machinery and factory makers. The result was shocking: Some 29 percent of all firms surveyed had already been forced to halt production due to industrial security incidents.

KORAMIS is working to make industrial plants more secure. The industrial security specialist from the western German city of Saarbrücken uses the Open Telekom Cloud for simulations to detect, among other things, IT weaknesses at production facilities and develop the appropriate protective measures. “Industry is being much more heavily targeted by hackers than many companies realize,” explains Marco Di Filippo, Lead Cyber Security Engineering at KORAMIS. With boosted value in mind, many factories are being networked with other facilities and set up for remote maintenance. But if every single piece of equipment is accessible via its own IP address, a factory’s systems become vulnerable.

The “Honey Train Project” shows what that really entails: KORAMIS simulated a fictitious transit company in the Cloud and put it online. The simulation didn’t just include realistic websites with timetables, ticket information, notice of events and user interactions. It also had virtual firewalls, surveillance cameras, servers and a complete network of tracks with all the usual sensor readings – switches and pneumatic pumps, signals and gate systems.

In parts KORAMIS simulated the „Honey Train Project“ as a model in the laboratory.

More than 19,000 parameters created a perfect illusion for hackers. They attacked as soon as the project went online.

• Security scans by KORAMIS showed that 27 percent of the hacking targeted the transit authority’s media servers
• 34 percent targetedthe firewall
• 39 percent, which is the majority of the hackers, attempted to hijack the control systems

To ensure hackers never make it that far in the real world, KORAMIS secures the facilities of its customers. Just like with the Honey Train Project, KORAMIS simulates real production and operational systems to sniff out their IT weaknesses. To do this, the company relies on Deutsche Telekom’s Public Cloud offering based on OpenStack.

For example, KORAMIS might be using 250 processors at peak times, but only 16 CPUs during normal operations.

Plus, KORAMIS can run its operations spread over multiple servers, saving both time and money. If the company wanted to do that on it’s own, it would have to buy and maintain all that hardware. But thanks to a pay-as-you-go model, users of the Open Telekom Cloud are only charged for what they need, or they can benefit from the fixed prices offered by long-term contracts.

The services provided by KORAMIS are in high demand, especially because they comply with strict German data protection standards. “Hosting and operations of the Open Telekom Cloud take place in Germany according to local law,” says Di Filippo. “Data protection is very important here. And that’s something that our customers, who, for example, come from the energy and automotive sectors, really appreciate.”

• Company: KORAMIS GmbH
• Founded: 1999
• Headquarters: Saarbrücken
• Sector: Services
• Employees: 35

The company:
KORAMIS GmbH has been creating customer-specific solutions for automation, process engineering and network control technology since 1999. KORAMIS is a leading provider of holistic solutions for industrial continuity management (ICM), with special focus on industrial security, industrial software and industrial automation. In order to continuously improve security processes and solutions, KORAMIS works closely with specialized institutes, technology partners and systems suppliers and is actively engaged in developing industry standards.

The challenge:
250 Prozessoren in Spitzenzeiten und 16 CPUs im Normalbetrieb: Je nach Auftrag, Projektart und Dauer benötigt der Industrial-Security-Spezialist unterschiedlich ausgeprägte, teils extrem leistungsstarke Rechenressourcen.

The solution:
KORAMIS has relied on the Open Telekom Cloud since 2016. Deutsche Telekom’s public cloud offering provides users flexible and scalable IT resources, as well as pay-as-you-go models or fixed prices with long-term contracts. Hosting and operations take place inside Deutsche Telekom’s highly secure data centers according to strict German data protection laws.

The result:
KORAMIS benefits from maximum flexibility and streamlined, transparent cost structures: Using a pay-as-you-go model, the company is only charged for what it truly needs. Processing and storage resources are available at the click of a mouse. And if the service provider travels around the world to a customer, the Open Telekom Cloud comes along for the ride: Switch and Internet connections are all that are needed to ensure the industrial security experts can get the job done.

Download