Fortunate to be hacked

A group of Siemens hackers launches daily attacks against the digital defenses of its own company and products. The in-house team helps boost cybersecurity in an age of proliferating attacks by closing security loopholes before malicious parties can find them.

Hackers sit at screens until late into the night, manipulating their digital crowbars, software lock-picks, and even subtler tools, looking for ways to break through the online security barriers of companies, authorities, and infrastructures – and once they’re in, doing their malicious dirty work. But that’s not always the case.

Sven Lehmberg, a hacker employed by Siemens, opens the door to a workshop in Munich-Neuperlach where there’s not a single monitor in sight. Instead, a colleague is seen using a hot-air soldering station to remove a component from a printed circuit board. Another colleague is bent over a microscope examining a chip connected by hairs-breadth wires. They’re surrounded by various kits, pliers, and clamps. A red light indicates high-voltage current. “We don’t just hack with our keyboards,” says Lehmberg with a mischievous grin. “We also take the hardware apart to find weaknesses.”

The team of cybersecurity specialists has a somewhat unusual assignment at Siemens. Every day, they attack the company’s digital defenses, disassemble its products, and even perform tests to see if they can trick employees into playing into their hands. If these “white-hat hackers” are successful, it means that malicious attackers could also find a way to penetrate the fortifications protecting a database, power plant, or factory. Potential consequences include sabotage, espionage, and extortion. But to keep things from ever getting that far, the company’s own hacker team looks for security loopholes and then helps close them as quickly as possible.

Digitalization and Cyberattacks go Hand in Hand

For over 30 years, Siemens has maintained a team to protect computer systems, digital products, and infrastructure. Today this team has grown to include some 1,300 cybersecurity experts. And no wonder: Digitalization has become the engine that keeps industry and infrastructure, two of Siemens’ major core businesses, up and running. As digitalization grows, so does the number of cyberattacks. Computers are attacked, passwords are stolen, factories are sabotaged, and systems are hijacked and then released only in exchange for a payment in bitcoins.

Siemens has been employing benevolent “white-hat” hackers since 2002: That’s when Lehmberg and two colleagues began ferreting out security loopholes in the company and in Siemens products. Today they number more than 25. At first their job was primarily confined to testing communications products like routers, but this soon extended to the testing of corporate software, embedded systems – for instance, in medical technology – and the Internet of Things, which is used for tasks like networking a production line in a factory. Meanwhile, the need for defensive measures has also grown. “Every year we work on about 250 projects worldwide – such as attacking a corporate network or testing a system controller,” explains Lehmberg. “The number of projects is steadily growing, and there’s no downtime. On the contrary, however much we refine our defensive strategies, the attacks become that much more sophisticated.”