Jump to content

Welcome to eMastercam

Register now to participate in the forums, access the download area, buy Mastercam training materials, post processors and more. This message will be removed once you have signed in.

Use your display name or email address to sign in:

Shop Network Security


g huns
 Share

Recommended Posts

Our sister company was recently the victim of a very costly ransomware attack. This prompted the boss to take our security a little more seriously.

We have 3 Roeders machines with Windows controls. I refuse to allow them to install any Windows updates or AV junk on them. So they run to a switch that in turn runs to a magic box that blocks them from the interwebz, but allows them access to a specific network location to pull programs. The nerds claim this system is impervious to outside attack.

Then we have 3 Mikrons with Heidenhain iTNC530s. The IT guys want us to run a cable to the same switch the Roeders plug into.

This is a big undertaking. They are located across an aisle that's traversed by an overhead bridge crane. We'd have to have an electrician come out with a lift to run a mile of cable up and over the crane. Might even require moving a machine.

My question is, what is the security vulnerability of the iTNC530 control? What are the odds of some hacker in his mom's basement in Ukraine exploiting the control and getting into our network? I'm guessing slim to none, but don't want to discount the possibility entirely.

Link to comment
Share on other sites
  • 1 year later...

Mikron Equipment GFMS

The newer rConnect boxes are wireless also.

They are very secure.

I have never heard of a hacked machine control with this configuration.

If you have concerns we can put your IT dept in touch with our developers.

Ask your local sales rep

Link to comment
Share on other sites
  • 5 weeks later...

You are probably correct in that there is no way to fully protect from the vandalism .

However the average employee running a machine Probably does not have the skills to create something in Linux that would harm the machine.

Not only is it the Linux operating system, it is a highly customized Linux operating system.

So hacking into it by software although is probably possible is highly unlikely.

Deleting system files would probably the most common way to screw up a machine.

However all machines have a backup CD.

 

Link to comment
Share on other sites

A modern ransomware attack will sit on your network for a week or two before transmitting any captured passwords back to the home base to be customized for your specific deployment.  You're not fighting a kid in Ukraine in their basement, you're fighting a company of people working 9-5 on breaking into your system.  And they've been developing it for years.  They'll analyze how your backup system works and where those files are being written to in order to encrypt them as well.

Although it can be impossible to to completely prevent, a lot of ransomware can be limited to one computer if they're set up properly.  The problem is setting them up properly is slightly annoying sometimes for the users.   Make sure that any accounts are user level accounts, not admin.  Make each computer have a separate(!) admin password for that account.   So if you want to install something, you have to type in the admin password.  Make sure that the admin passwords for the computers have nothing in common with the network/domain admin credentials.  So if the ransomware gets onto one of your computers, it can't get the credentials to lock up anything on the network.   On the backup side, make sure that you have frequent full backups that are dumped to an off-site/inaccessible-through-normal-shares location with different credentials known only to the backup program.

Make sure your 3 Roeders are set up correctly where the 3 of them aren't logged on locally as admin and can share between the 3 at a minimum.

 

Link to comment
Share on other sites

IT won't allow our Mazak to be on the network because it's windows based,

we got hit a couple years back, my computer was one of the ones it started on, the first thing it hit was my post  .pst

i noticed right away when i couldn't post a file and unplugged from the network

luckily we were backed up off site and only lost one day but my computer was hosed from then on

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.

Join us!

eMastercam - your online source for all things Mastercam.

Together, we are the strongest Mastercam community on the web with over 56,000 members, and our online store offers a wide selection of training materials for all applications and skill levels.

Follow us

×
×
  • Create New...