In times of growing digitalisation, cyber security is one of the most important topics - especially for companies. Specialists like Perseus Technologies can help to protect against cyber threats. In an interview, Johannes Vakalis from Perseus explains the current state of affairs in the area of cybercrime and what is important in prevention.
From your point of view, how far has the topic of cyber security moved into the focus of companies and society in the meantime?
Johannes Vakalis: Indeed, the topic is very much in focus at the moment. Especially in the past few months, there has been an increase in IT security incidents. This ensures that companies are increasingly concerned with IT and cyber security. At Perseus, we notice this above all in the fact that we send up to two or three threat warnings per week to our customers. In these, we warn of current threats from the Internet and give clear instructions on how to avert these risks.
The pandemic has played a very large part in this development. Socially and also in everyday professional life, the lockdown and the associated switch to the home office in Germany have caused a massive digitalisation push. Activities and processes that were previously manual have now been digitalised. This change also requires a rethink, which leads people to deal much more intensively with the topic of cyber security in their private lives, but especially at work.
How would you describe the current situation in the area of cybercrime?
Last autumn, Arne Schönbohm, the president of the Federal Office for Information Security, described the current situation as "tense at a very high level". As a basis of argument for his assessment, he stated that no company, regardless of sector or industry, can feel safe. Cyber criminals target everyone and a cyber attack can hit anyone - whether it's an automobile factory, a manufacturing plant, a hospital or a university.
Of course, there are also successes to show for it. For example, the destruction of the Emotet malware, which repeatedly paralysed entire corporate IT infrastructures over the years. However, one cannot speak of an easing of the threat situation if one takes into account that there were 314,000 new malware variants per day in 2020.
These are enormous numbers. Is phishing still the biggest threat?
Phishing is definitely one of the biggest threats to businesses. According to the European Union Agency for Cyber Security, the number of email phishing attacks has increased by more than 600 per cent since the end of February 2020 due to the coronavirus pandemic. Cyber criminals use current occasions and regulations such as mandatory masks, vaccination dates and disinfectants as a hook to launch targeted phishing campaigns.
We have confirmed this trend in a study. In late summer 2020, we asked 3,000 employed people about their experiences with cyber security and data protection. It showed that during the first lockdown phase, one in five were victims of a cyber attack. Of these, 50 percent were due to phishing attacks.
How vulnerable are smartphones and what methods can be used there?
Smartphones are small computers and therefore in principle as vulnerable as laptops, desktops, etc. They are even particularly attractive targets for hackers because a lot of personal data is stored on them, from telephone numbers to passwords to payment data. This data can be spied out and misused, for example. Or they are encrypted and a ransom is demanded for the alleged decryption. So-called banking Trojans, which are intended to give cyber criminals access to the account of the attacked person, are particularly common.
The respective malware usually gets onto the smartphone via apps. For example, via free apps that contain hidden malware. Or via fraudulent text messages or e-mails that contain a link requesting the download and installation of an app. An important precaution is therefore to critically check apps before installing them - and to give installed apps as few access rights as possible.
To what extent are clouds also a vulnerable area and how can they best be protected?
Professional cloud providers are characterised by high security standards. Therefore, cloud applications are largely considered secure. Nevertheless, as with any other platform, clouds are only as secure as their weakest link. In this case, that is often the person using the cloud. An example: The user uses the same password for cloud access as for another account. The server of the other account is hacked and cyber criminals can read the access data. Now the hackers would have the possibility to log into the cloud as well with the stolen login information. They could view, extract, encrypt or delete the data stored there.
Here, too, the best protection is to raise users' awareness. It must be made clear to them which measures contribute to a secure IT infrastructure. For example, prudent password management is very important. Long and complex passwords must be used. A unique password should be created for each application. It is also advisable to change passwords regularly.
Furthermore, how can one best protect oneself from hacker attacks?
In addition to the prudent password management just mentioned, there are other measures that should definitely be observed and implemented in the company. A firewall and anti-virus software should be installed. All updates of the operating system and the software used should be installed immediately. It is also advisable to give employees only the access rights they really need. Another thing we always advise companies to do is to make backup copies. If all of a company's data is encrypted by an attack from cybercriminals, a complete and up-to-date backup can save a lot of money and also a lot of stress. We advise following the 3-2-1 rule. In other words, create 3 backup copies on 2 different storage media, 1 of which is kept physically separate from the network.
Beyond these individual measures, cyber security in the company must be seen as a holistic process in which the entire workforce is continuously involved. In addition to the technical aspects, this includes: Preventive measures, firmly established guidelines on how to proceed in the event of a cyber emergency and the conclusion of cyber insurance that covers financial risks. Only the interplay of the four factors technology, people, emergency management and cyber insurance ensures sufficient protection against data loss and threats from the internet.
Thank you very much for this interview!
Interview: Benjamin Esche