, ,

Building Resistance into Aged CNC Machines

Ransomware on CNC Machines

How CNC program transfers can overcome the vulnerabilities of SMB1 for greater security and efficiency

It took mere hours. In May of 2017, a devastating ransomware cryptoworm called WannaCry impacted more than 200,000 computers across 150 countries, ultimately amassing over $4 billion in damages. Only months later, a variation of this worm spread to 10,000 machines in Apple’s single supplier of SoC components for iPads and iPhones, causing a production stoppage for a full day and shipment delays among its major tech customer base. The original worm was halted, but IT services management company Cloudflare asserts that WannaCry attacks continue today.

Ransomware on CNC Machines

The ransomware cryptoworm WannaCry notably affected TSMC, which manufactures processors and other silicon chips for major technology companies such as Qualcomm, AMD and Apple, due to a Windows SMB1 server vulnerability.

Starting with SMB1

What happened to the National Health Service (NHS), FedEx, Taiwan Semiconductor Manufacturing Company (TSMC) and so many others? The WannaCry worm exploited “vulnerabilities in the Windows SMB v1 server to remotely compromise systems, encrypt files and spread to other hosts,” explains a fact sheet from the National Cybersecurity and Communications Integration Center (NCCIC). While patches have since been issued by Microsoft, the software company admits there are still instances in which manufacturers may need to run SMB1:

    1. Your company is running XP or Windows Server 2003 under a custom support agreement
    2. You have old management software that demands admins browse via the “network,” also known as the “network neighborhood” master browser list
    3. You run old multi-function printers with antiquated firmware in order to “scan to share”

For manufacturers experiencing such cases, there are workarounds. SMB1 could be disabled on every system connected to the network, recommends the NCCIC. You can block port 445 (Samba). You can verify that there isn’t any unexpected SMB1 network traffic. You can isolate vulnerable embedded systems. But these options may not necessarily be viable for efficient and protected CNC file transfers among aged equipment.

Transfer CNC Programs on SMB1 Machines

Manufacturers can struggle to disable SMB1 on every machine and still transfer CNC programs efficiently, effectively and securely.

Simplifying Network Setups

An alternate route is to simplify network setups altogether. A modern DNC software, like Predator Secure DNC, enables you to remove Windows shares, corporate domains, workgroups, homegroups, Microsoft SMB, CFS, FTP, DNS, WINS, NETBUI and IPX/SPX within shop floor VLANs, WANs or subnets for DNC or file transfers. This can be especially useful for manufacturers running older CNC equipment with Windows-based controls that lack compatibility with newer operating systems. It can also alleviate the need for system upgrades and service packs to maintain the older versions of Windows.

The original WannaCry worm was halted, but Cloudflare asserts that WannaCry attacks continue today.

In other cases, controllers like Haas classic controllers can be upgraded to another SMB version by contacting the machine tool builder or segmenting the network to address CNC machines that are not upgradable or do not run a Windows operating system. The point is, regardless of your SMB1-dependent machinery environment, you can reduce your ransomware risk while gaining the latest benefits in efficiency and productivity.

An experienced manufacturing integrator possesses the technical expertise to properly assess, assign and execute custom solutions for your company. Contact Shop Floor Automations to understand your full scope of SMB1 options today.