Get in touch
It can happen to anyone! What sounds like the trailer to a thriller is simply a realization from media observation in recent months. Cyber attacks and data leaks are on the increase: ThyssenKrupp, the city of Potsdam, the University of Duisburg-Essen – these are just three examples of recent successful cyber attacks. For a long time now, criminals have not only been focusing on large corporations, but also on SMEs, public authorities and municipalities, as well as critical infrastructures (KRITIS).
In its annual report "The State of IT Security in Germany 2022" published in October 2022, the German Federal Office for Information Security (BSI) also concludes that, on the one hand, cyber extortion of high-revenue companies has increased, but on the other hand, less revenue-generating companies and municipalities can also increasingly become the target of ransomware attacks. Another finding in the report: SMEs in particular usually do not have the necessary personnel to adequately protect themselves and, in the event of an emergency, often do not know where to turn for expert help.
This shows how important it is for organizations of all sizes to really get to grips with IT security now, to protect their systems and prepare for possible attacks. We created an overview of opportunities and challenges that are important in this context in 2023.
Many employees still work from home, and it has long been clear that this is no longer a temporary state of emergency, but a situation to which companies must adapt in the long term – also with regard to security aspects.
This is because the new mobile working mode enormously expands the attack surface for cyberattacks. This results in additional requirements for security processes. One starting point, for example, is the establishment of a zero-trust architecture and a clearly specified separation of private and business devices. Workplace requirements, such as secured WLAN connections and prevention of third-party access (in the case of shared households) to corporate data, can also help. Classic methods such as phishing and ransomware can, of course, be successful regardless of the environment; what is important is appropriate training of employees and supporting security solutions to detect and avoid dangers at an early stage.
The approach is not new to the IT security market, but is now of even greater interest due to current developments. In the summer of 2022, for example, the German Federal Ministry of the Interior and Community advocated a gradual development toward zero-trust architecture in response to the increasingly critical cybersecurity situation.
In concrete terms, this means that users and applications are generally regarded as untrustworthy, and all access, even from within the company's own network, must be authenticated. This requires an overview and control of users, applications, services and devices within the data environment. Access and access authorizations are controlled via user roles, and authentication takes place via multi-level procedures in order to circumvent the password vulnerability.
Various factors play a role in setting up a zero-trust architecture. First of all, all the applications and providers used must be identified. Permanent authentication also increases the load on the system – and also the effort required for authorization management.
Business with stolen data booms. One consequence is that you can now get ransomware kits on the darknet just like legal software elsewhere – for example, as subscription models or via profit sharing. Ransomware-as-a-service makes it even easier for cybercriminals to attack and extort companies: Attackers require much less technological knowledge. It is therefore all the more important to comprehensively protect one's own systems and data and to be prepared for attacks.
Recently, ChatGPT made the possibilities of artificial intelligence visible for the public once again. The automated writing of homework is not the only field where the chatbot can unleash its criminal energy. Although some possible abuse use cases were considered and ruled out during programming, in other cases ChatGPT can easiliy be involved in criminal activities. For example, the bot can create the texts for sophisticated phishing campaigns and enable people without much programming knowledge to generate the code for associated websites, including a form for data tapping. Another example of the misuse of AI is that it can be used to automatically detect vulnerabilities in applications, making the work of cybercriminals easier.
However, AI can also help with IT security, for example in the form of intrusion detection systems that use artificial intelligence and machine learning to learn how to detect irregularities in network traffic and take action against them.
The threat of cyber attacks is becoming more acute for all organizations. Unfortunately, SMEs and KRITIS in particular often do not have sufficient personnel and knowledge internally to protect themselves adequately, because many measures require experience and expertise on the one hand and time and administrative effort on the other.
The good news is that comprehensive IT security is not a task that SMEs or KRITIS have to tackle alone. Ideally, companies bring experienced partners on board for consulting or implementation. A number of service providers specialize in precisely this and offer suitable packages for different needs. For German companies, GDPR-compliant cloud service providers with hosting, development and operation in Germany will become increasingly important in the future.
The most important thing, however, is not to hesitate any longer, but to tackle the issue of cybersecurity now.