Missing link: How a company lost control in a cyberattack

Page 2: The production hall

In the large production hall, a strange face hardly attracts any attention. This is where the intruders gain decisive access.

(Image: heise online/Midjourney)

"I'm all tingly," reveals Immanuel Bär. The hacker heads for his next target in the production hall. He places a wedge in an outside door so that he can return more inconspicuously later. Better safe than sorry. Between employees welding, hammering and sawing, he finds public computer workstations for employees who are not normally at their computers. Bär heads for the corner. An employee working on a machine part a few meters away looks up and approaches the unknown group in high-visibility vests. He asks the photographer to leave the safety area as he is not wearing safety shoes. A step to the left reassures the attentive employee. He leaves Bär alone at the computer. "Someone else is logged in here, I have direct access to the computer," he explains over the noise in the hall. The SAP access data is written on a piece of paper on the screen.

Bär doesn't linger for long and heads for an abandoned foreman's office next. Without attracting attention, he climbs a metal staircase in the middle of the hall that leads to the container offices, which look like they are floating. The door is open. Computers are still logged in here too. Undisturbed, Bär can browse through production plans, copy data, install a hacker tool for later access and connect his own computer via the LAN cable. Before he goes, he leaves the workstation as he found it, including the mouse position. "I've never been here."

"Unfortunately, we have the same discussions over and over again," says Schneider in frustration. "It should be clear to everyone by now that passwords don't belong on the screen and that you should log off briefly when you leave the computer." This also applies to machine workstations. If these remain logged in, intruders can cause millions of euros worth of inventory to be destroyed – and go about their business undisturbed while everyone takes care of the machine. "However, implementing simple security measures in everyday life is another matter."

An unlocked office door and a logged-on computer literally invite the attackers in.

(Image: heise online/Midjourney)

"IT security doesn't just affect IT – it also includes the HR department, facility management because of open doors, but also production, because employees ultimately have to implement it," emphasizes Immanuel Bär. "The topic of cybersecurity is far too much in the hands of the IT department only, but management needs to take care of it at least as intensively."

The Prosec team hit the bull's eye directly under the foreman's office. Here they can access the system directly via an information screen. Bär pulls the cable from the computer behind the display and rejoices: "Here we go." The hackers install VPN access and want to continue working from the hotel. In the meantime, they send the first data to an accomplice in the hotel, who starts analyzing it.