Threat from the net

For readers in a hurry:

  • Companies should keep an eye on five security problems: ransomware, data leaks, insider threats, zero-day exploits, and phishing and social engineering.
  • Ransomware affects over 70% of global companies. Germany is no exception. Companies are at the mercy of the blackmailers.
  • Effective protection does not differentiate between employees and external parties, but focuses on situational authorizations.
  • Cloud services and software-as-a-service require a rethink of the security architecture. Firewalls, VPNs and virus scanners are no longer enough. New security architectures provide a remedy.

Tip to try out

What applies at work also applies at home. In addition to the typical security measures to ward off cyber criminals, a backup strategy should also be used - including on your home PC or Mac. On a positive note, more and more software manufacturers are bundling these functions. Acronis is one of them. Its Acronis Cyber Protect Home Office (formerly Acronis True Image) includes complete backup software as well as antivirus and ransomware protection - and all for a double-digit annual fee.

The Big Five

Not a week goes by without medium-sized companies or corporations falling victim to hacker attacks. Not a week goes by without a warning about the immense threat situation in Germany - recently in the BSI situation report 2023. Not a week goes by without us countering the criminal energy with our creative intelligence. Today we want to take a closer look at the threats posed by cyber criminals. How do they cause damage to a company?

Ransomware

By this we mean malware that encrypts data (e.g. Word documents) or systems (e.g. ERP). The encryption is only lifted against payment of a ransom to the criminal or criminals - or not at all. Ransomware is the most common threat worldwide. According to a survey, over 70 percent of companies globally have fallen victim to ransomware attacks. And the trend is rising!

Data leaks (data breaches)

Data leaks are vulnerabilities, e.g. in publicly accessible Internet servers or company portals, through which hackers can gain access to company data. They usually move across several servers in the company until they come across valuable data such as price lists, offers, employee data or financial information. They then sell this data at a high price to competitors or other beneficiaries. Data leaks can also occur due to incorrect software configuration, incorrect rights configuration or outdated, faulty software ("bugs"). Negligence in these areas is often the cause of a data leak.

Infidelity (Insider Threats)

It's hard to believe, but not every employee is faithful and loyal to their employer. In addition to well-paid "sleepers" and "spies", there are of course also mishaps - a wrongly sent email, a lost USB stick, etc. - that pose a threat from within. Temporary workers, service providers - even customers - can be other sources of misappropriated or illegally obtained trade secrets. This is why it is no longer effective to differentiate between internal and external parties. Business partners are too intertwined.

Zero-day exploits

This is a vulnerability in a piece of software that is not yet known to the software manufacturer when it is exploited. The manufacturer is then racing against time. The longer it takes to eliminate the vulnerability, the longer cyber criminals can usually exploit it unhindered. With competent help, companies can mitigate the risk and damage by taking additional protective measures to make it more difficult for hackers to gain further access. In the end, only an update from the manufacturer will help.

Phishing and social engineering

Banks like to warn their customers about these threats on their websites. Who hasn't seen them: the requests in the name of well-known large companies such as PayPal or Amazon to unlock the supposedly blocked account by re-entering a password. Or the phone call from the friendly, alleged bank advisor asking you to quickly give him the security code on your cell phone so that he can prevent your account from being blocked. These scams are also widespread within the company. However, as they can be combated not only technically but also through prudent behavioral training, it is worth sensitizing the workforce in addition to well thought-out IT measures. A healthy skepticism is helpful.

Data protection - taken literally

What can help when a company has difficulty distinguishing between friend and foe on the one hand, and is confronted with loopholes that it cannot significantly influence or eliminate on its own on the other? Concentrate its strength and resources on the company's data and applications!

We have already outlined which elements a modern security stack has for the cloud world. The focus of companies must shift from the infrastructure to company data and company applications. It is not notebooks, smartphones, home offices or servers that need to be protected. It's the data and applications on them. Does this mean switching off firewalls, VPNs and anti-malware protection? Not at all! However, the entire security architecture is changing.

Instead of selective protection, as is the case with a firewall that protects a company network, or anti-malware software that protects end devices, "relationships" are checked. Which end device accesses which target from which network and for what purpose? Example: A sales employee wants to download his customers' price lists from the company SharePoint from an Internet café on his private iPad Pro and move them to his private Dropbox. Do you want to allow this?

Modern cloud security makes precisely such decisions on an ongoing basis. Every user action is checked for possible rule violations. Other protective measures are also used to contain the threats described above: Endpoint protection, identity protection, dynamic access brokers to cloud and SaaS services such as Microsoft 365, Salesforce or ServiceNow, cloud firewalls and a few more.
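The relationship check described above can be sketched as a small rule evaluator. This is an added example, not code from the article or from any product; the role names, resource labels, sensitivity levels and the order of the rules are assumptions chosen for illustration.

```python
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class AccessRequest:
    role: str             # business role of the user
    device_managed: bool  # company-managed device, or a private one
    network: str          # "corporate", "home" or "public"
    resource: str         # what is being accessed
    sensitivity: str      # "internal" or "confidential"
    action: str           # "view", "download" or "move"
    destination: str = "" # only for "move": where the data would go

# Assumed policy data (illustrative, not from the article)
ROLE_RESOURCES = {"sales": {"sharepoint:price-lists"}}
SANCTIONED_DESTINATIONS = {"sharepoint:corporate", "onedrive:corporate"}

def decide(req: AccessRequest) -> tuple[str, str]:
    """Evaluate one user action; first matching rule wins, default is deny."""
    if req.resource not in ROLE_RESOURCES.get(req.role, set()):
        return "deny", "role has no business need for this resource"
    if req.action == "move" and req.destination not in SANCTIONED_DESTINATIONS:
        return "deny", "destination is not a sanctioned company store"
    if req.sensitivity == "confidential":
        if req.action != "view" and not req.device_managed:
            return "deny", "no copies of confidential data on unmanaged devices"
        if req.network == "public" or not req.device_managed:
            return "view_only", "risky context: browser-only session, no download"
    if req.action in {"view", "download", "move"}:
        return "allow", "context satisfies all rules"
    return "deny", "unknown action"

def article_scenario() -> dict[str, str]:
    """Constructed requests modelled on the sales-employee example."""
    cafe = AccessRequest("sales", False, "public", "sharepoint:price-lists",
                         "confidential", "download")
    requests = {
        "download on private iPad in internet cafe": cafe,
        "move to private Dropbox": replace(cafe, action="move",
                                           destination="dropbox:private"),
        "view on private iPad in internet cafe": replace(cafe, action="view"),
        "download on managed laptop in office": replace(
            cafe, device_managed=True, network="corporate"),
    }
    return {name: decide(req)[0] for name, req in requests.items()}

if __name__ == "__main__":
    for name, decision in article_scenario().items():
        print(f"{decision:9} {name}")
```

The same user and the same file produce three different outcomes depending on device, network and intended destination, which is the point of checking relationships rather than perimeters.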

Effective steps

If you use or provide software from the cloud; if you have mobile employees - think home office, workation, work from anywhere -; if you work with many service providers; or if you don't want to rely on the complete loyalty of your workforce: rethink your cybersecurity architecture. You can often achieve a significant increase in security with just a few well thought-out measures, so that hackers and other criminals move on to the next door. Combined with just-in-time automation of defensive measures, modern security solutions are an expense that can save you from huge damage. You can easily try this out: Install a ransomware like WannaCry or Petya in a sealed-off cloud test environment and then see how well you can continue to use the infected software. And then imagine this happening to your company computers, your cloud data and your ERP system.

Si vis pacem, bellum para - if you want peace, prepare for war

About Business Automatica GmbH:

Business Automatica reduces process costs by automating manual activities, increases the quality of data exchange in complex system architectures and connects on-premise systems with modern cloud and SaaS architectures. Applied artificial intelligence in the company is an integral part of this. Business Automatica also offers automation solutions from the cloud that are geared towards cyber security.