We’re shifting the focus to what often gets ignored: devices that aren’t connected to the internet, particularly industrial equipment used for day-to-day operations and specific tasks—CNC machines, machining tools, sheet metal cutters, and the like.
In many industrial environments, it’s commonly assumed that disconnected devices are safe from threats, but this perception is dangerously misleading. On Safer Internet Day, Lantek wants to highlight these devices and systems that, despite being offline, play critical roles in production and daily operations.
We’re talking about devices that interact with dozens—or even hundreds—of USB drives to transfer or delete files. Many run outdated security patches or obsolete operating systems like Windows 7 or XP, yet they remain essential to industrial processes. These devices often use outdated protocols like SMBv1 or NTLMv1 and get little attention as long as they “keep working.”
The problem is that these outdated, often malware-infected systems pose a significant threat to businesses. Their lack of maintenance and oversight can lead to serious security incidents, often going unnoticed until it’s too late. Below are some of the key risks associated with relying on such devices:
1. Major security issues due to lack of updates
Without internet access, updating software is difficult, leaving systems vulnerable to known security flaws, exploits, and compatibility problems.
2. Limited access to real-time technical support
Without connectivity, remote support isn’t an option, making issue resolution slower and increasing downtime. The resulting delays can lead to costly production stoppages.
3. Data synchronization challenges
Transferring information between systems becomes slower and error-prone without a network connection. Often, businesses rely on USB devices of questionable origin—many of which are vulnerable to malware infections.
4. Malware infection and spread
These devices typically lack antivirus or Endpoint Detection and Response (EDR) solutions. Over time, they become hotbeds of silent malware, which can easily spread to other connected systems or devices.
5. Loss of performance
Even if they “work,” they don’t operate at full capacity. Malware and outdated software consume system resources, degrading the overall efficiency of industrial processes.
6. Risk of data loss
Without automatic cloud backups, critical data stored on these devices is at high risk of being lost during system failures. In some cases, recovering legacy systems is nearly impossible, especially if the required software is obsolete or unavailable.
7. Barriers to IoT integration
Disconnected devices limit the company’s ability to implement IoT solutions that could monitor and optimize manufacturing processes. This prevents businesses from fully modernizing and gaining real-time insights.
8. Single point of failure with major financial impact
Without protection mechanisms, backups, or disaster recovery plans, a failure in one of these devices can bring an entire production line to a halt, causing significant financial losses.
Ignoring these risks may seem like the easier option in the short term, but it’s a dangerous strategy. Industrial systems require proactive attention, especially in an environment where threats evolve rapidly.
On this Safer Internet Day, we encourage you to look beyond the typical warnings and consider how disconnected devices could be undermining your production systems, daily operations, and even your supply chain. Now is the time to conduct a thorough assessment—review, update, or, if necessary, replace outdated equipment with modern, connected, and secure systems. By doing so, you can ensure business continuity, minimize risks, and avoid unpleasant surprises that could severely disrupt your operations.
Our advice is simple: change your perspective.
Don’t settle for surface-level solutions or follow the crowd. Look deeper to uncover hidden risks and strengthen your defenses before problems arise. True cybersecurity isn’t just about protecting what’s online—it’s about staying ahead of potential threats, even in areas we tend to overlook. Only then can we build a safer, more resilient industrial environment that’s ready for anything.
By Alfonso López Moreno, Cybersecurity Engineer at Lantek