The arcade classic Defender from 1981 was one of the first games with a horizontally scrolling screen and became notorious for its complex controls: five buttons and a joystick that had to be mastered perfectly.

Defender had hard-wired program logic. If you open up an old Defender machine today, you will find either the white, red, blue, or green version. The difference? The circuit board architecture and the number of ROMs.

Software updates? None. It was “built that way” – and stayed that way.

Even today, we encounter such “hard-wired” systems—such as Windows Embedded, controls in production facilities, or specialized industrial computers. An update? Usually only feasible with manufacturer assistance, high costs, and potential downtime. Just imagine an MRI scanner or other medical device—there, too, we often find this “legacy technology.”

Such systems are commonplace, especially in the OT (operational technology) world: machine controls, production lines, and industrial PCs often run for decades and are connected to outdated operating systems—a gold mine for attackers.

Legacy systems belong in their own VLANs or subnets—ideally even in a DMZ structure or physically separate network areas. Only defined communication paths (e.g., via firewall rules) should be possible.

Direct access to such systems? Only via dedicated management systems. Administrators use, for example, a hardened jump server that controls, forwards, and monitors protocols such as RDP or SSH.

Even if older systems generate hardly any logs, network behavior can be analyzed using NetFlow, SPAN port, or IDS/IPS (e.g., Zeek, Suricata). Specialized OT security solutions such as Nozomi or Claroty also provide important insights.

Firewall or IPS rules can block known exploits even if the system itself can no longer be patched—essentially a “safety net” for systems that are no longer maintainable.

A clear emergency plan is essential:

• Backup strategy specifically for OT systems (e.g., images of the control software)
• Provide offline or cold standby systems
• Test recovery and restart processes regularly

Defender is still considered one of the hardest arcade games ever made—developer Eugene Jarvis wanted a game that “not everyone could beat on their first try.” Most players lost all their lives within a few minutes.

In Defender, you’re on your own—but luckily, that’s not the case in IT security.

🚀 We’re happy to work with you to defend your infrastructure.