Industry 4.0, Internet of Things or Cloud Computing may be forward-looking concepts, but they are certainly not immune to cyber crime. And awareness and prevention offer the best protection, an event called “Information Security in the Digital World” in the Chamber of Commerce’s Innovation Campus concluded on June 23. The event was held in co-operation with Netzwerk Standort Sicherheit Hamburg.
Live hack highlights need for protection
Although IT security is definitely an issue, it often remains abstract, said Adrian Ulrich, Head of IT, Media and Creative Economy Department at the Chamber of Commerce Hamburg. A survey of under 1,000 members found that 30 per cent of interviewees did not know whether their computers had been hacked owing to a lack of monitoring and control.
Bernd König, of T-Systems, demonstrated the need for protection in a live hack. Equipped with a toolbox from Darknet, König took only five seconds to find weak points in a company server and to gain access to it. Then he registered as a new user with administrator rights and privileges and was soon in the intranet and able to launch an attack.
Virus scanners, firewalls and analysing weak points
The defensive measures were not particularly serious, said König, adding, “In many cases, professional and regularly updated virus scanners and firewalls suffice.” However, the most important thing is actually confronting and examining the need for protection and security. Depending on the size of a firm, internal or external experts can analyse weak spots.
Alerts, positive attitude, basic knowledge
Michael Enderling, a senior consultant responsible for introducing integrated information security management systems at WMC Wüpper Management Consulting, is such an adviser. Enderling outlined his strategy for awareness measures. “At first, there is an alert like a fake phishing mail telling an employee to enter their user name or password.” Far too many people reveal such data and are then shocked by their own carelessness. As soon as he has raised their awareness of potential threats, Enderling basically tries to instill a positive attitude among staff and executives towards IT security and basic knowledge.
Enderling stressed: “It is important for firms to appoint a person with responsibility for security and to train them to use mobile devices, email, internet and passwords.” One of the most frequently used passwords is still 123456. A combination of 12 letters (capitals and lower case letters), special characters and figures is better. Yet, the danger is not always virtual. “Some hackers find a real way into the company – an unlocked office and or via a semi-original password.”
Central contact point for cyber crime
Those who come under a digital attack should contact ZAC – the central contact point for cyber crime. “You can file a complaint with any police officer or via the online (police) station), said Steffen Hahn, Head of the Investigation Department Cybercrime at LKA 543 – Zentrale Ansprechstelle Cybercrime (ZAC).
Sources and further information: