Handelskammer_Hamburg © Handelskammer Hamburg/Daniel Sumesgutner

Identifying and preventing cyber threats

SERIES: Digital change - IT security. Awareness of threats helps prevention

Industry 4.0, Internet of Things or Cloud Computing may be forward-looking concepts, but they are certainly not immune to cyber crime. And awareness and prevention offer the best protection, an event called “Information Security in the Digital World” in the Chamber of Commerce’s Innovation Campus concluded on June 23. The event was held in co-operation with Netzwerk Standort Sicherheit Hamburg.

Live hack highlights need for protection

Although IT security is definitely an issue, it often remains abstract, said Adrian Ulrich, Head of IT, Media and Creative Economy Department at the Chamber of Commerce Hamburg. A survey of under 1,000 members found that 30 per cent of interviewees did not know whether their computers had been hacked owing to a lack of monitoring and control.

Bernd König, of T-Systems, demonstrated the need for protection in a live hack. Equipped with a toolbox from Darknet, König took only five seconds to find weak points in a company server and to gain access to it. Then he registered as a new user with administrator rights and privileges and was soon in the intranet and able to launch an attack.

Virus scanners, firewalls and analysing weak points

The defensive measures were not particularly serious, said König, adding, “In many cases, professional and regularly updated virus scanners and firewalls suffice.” However, the most important thing is actually confronting and examining the need for protection and security. Depending on the size of a firm, internal or external experts can analyse weak spots.

Alerts, positive attitude, basic knowledge

Michael Enderling, a senior consultant responsible for introducing integrated information security management systems at WMC Wüpper Management Consulting, is such an adviser. Enderling outlined his strategy for awareness measures. “At first, there is an alert like a fake phishing mail telling an employee to enter their user name or password.” Far too many people reveal such data and are then shocked by their own carelessness. As soon as he has raised their awareness of potential threats, Enderling basically tries to instill a positive attitude among staff and executives towards IT security and basic knowledge.

Experts’ tips

Enderling stressed: “It is important for firms to appoint a person with responsibility for security and to train them to use mobile devices, email, internet and passwords.” One of the most frequently used passwords is still 123456. A combination of 12 letters (capitals and lower case letters), special characters and figures is better. Yet, the danger is not always virtual. “Some hackers find a real way into the company – an unlocked office and or via a semi-original password.”

Central contact point for cyber crime

Those who come under a digital attack should contact ZAC – the central contact point for cyber crime. “You can file a complaint with any police officer or via the online (police) station), said Steffen Hahn, Head of the Investigation Department Cybercrime at LKA 543 – Zentrale Ansprechstelle Cybercrime (ZAC).

Sources and further information:

Network for Location Security in Hamburg

The “Netzwerk für Standortsicherheit Hamburg“ pools activities by experts in commerce and IT security, cyber crime, economic crime, corruption, business espionage, qualification and prevention, the security sector, critical infrastructure, sports and events. That allows the exchange of information. Leading corporate executives and in the police force sit in on each other under the motto of changing the perspective. Start-ups and retailers can also consult professionals at the state criminal police.

Data and facts

During the past two years, around half (51 per cent) of all companies in Germany have fallen victim to digital economic espionage, sabotage and data theft, a 2015 study by Bitkom Research found. Around 61 per cent of medium-sized companies are worst hit by espionage or sabotage. The annual loss comes to around EUR 51 million. The perpetrators are usually present or former employees (51 per cent) followed by related firms such as suppliers, clients or rivals (39 per cent) and by amateur hackers (17 per cent) in third place.

More articles

  • There are no older articles in this category.
  • There are no newer articles in this category.