Manufacturing Tomorrow


BlueKeep and Iranian cyberattacks: What manufacturers need to know

Jul 23, 2019
By: Tom Wojcinski
Manufacturing and Distribution

As if labor shortages and dwindling margins aren’t enough, manufacturers now also have to worry about Iranian cyberattacks and a new vulnerability Microsoft remote desktop protocol.

BlueKeep is a flaw in Microsoft’s remote desktop protocol that could allow a hacker to take total control of a computer.

The threat is significant since many organizations use RDP so IT teams can remotely troubleshoot system. 

The vulnerability was first acknowledged by Microsoft in May and reported to impact older versions of Windows 2000 through Windows Server 2008 R2, Windows XP and Windows 7.

While Microsoft replaced these versions of Windows many years ago, it’s not uncommon for manufacturers to still run these operating systems in production control systems or embedded applications. 

The severity of the vulnerability is so high that Microsoft took the unusual step of providing security patches for retired Windows 2003 and Windows XP operating systems.

All organizations should make sure they have applied Microsoft’s latest security patches to address this vulnerability and follow the NSA’s strict guidelines for the use of RDP.

The escalating global tensions and increase of Iranian cyberattacks may not seem relevant for mid-market manufacturers, but it is important to be aware of.

The U.S. Department of Homeland Security is warning the public that hackers out of Iran are doing more than stealing data and money. They are deleting entire networks with “wiper” attacks.

Analysts in the cybersecurity community are speculating that if Iranian military cyber attackers can’t effectively penetrate U.S. military systems, they could target the broader non-governmental sector and cause disruption to many U.S.-based commercial entities, like manufacturing.

Learn how to tell if you’re safe in our article about the Iranian cyberattacks or visit our web page to learn more about Wipfli’s comprehensive portfolio of cybersecurity services.


Tom Wojcinski, CISA, CRISC
View Profile
Manufacturing Tomorrow blog
Subscribe to Manufacturing Tomorrow