That’ll cost you: IT security is often neglected
There’s no such thing as 100% IT security in the digital world. That’s why it’s all the more important for companies to identify attacks immediately and to respond as quickly as possible.
It’s not just large companies that are affected by cyberattacks. The auditing and consultancy company PricewaterhouseCoopers AG (PwC) has published a study entitled “In the crosshairs of the cyber-gangsters. The precarious nature of IT security in Germany’s medium-sized companies.” According to their findings, one in every five companies was hit by a successful attack in 2016, compared with just one in ten in the previous year. The study surveyed 400 nationwide companies with up to 1,000 employees. “Many of them are world market leaders and hidden champions. They have state-of-the-art technologies, highly specialised expertise, and an impressive customer base. These companies and their data are therefore particularly attractive to cyber-gangsters,” said Peter Bartels, PwC’s board member and head of its Family Businesses and SME Department.
According to Germany’s Federal Office for Information Security (BSI), a system can get infected with malicious programs in various ways. The most frequent include email attachments, unnoticed infections when visiting websites, and links to malicious programs, which are increasingly hidden on apparently legitimate advertising banners (malvertising). In addition, there are internal threats. According to the security company Forcepoint, internal security gaps account for around half of the breaches of sensitive company data.
The market researchers of the auditing company KPMG AG released a study entitled “E-crime in the German economy 2017 – cybercrimes in focus”. They estimate that companies have incurred an average of 15,000 to 150,000 euros in financial damage due to cybercrimes in the past two years. This includes the loss incurred, the lost profit, investigations and follow-up costs, fines, compensation, and possible profit deductions. One in 20 companies surveyed had lost more than one million euros in total due to cybercrime in the past two years.
The malicious program Wannacry infected tens of thousands of computers around the world in May 2017 and encrypted computer files, with the cyber-blackmailers demanding a ransom for their decryption.
In addition to the widely dispersed mass attacks such as Wannacry or Locky, individual companies often receive targeted attacks, which they often only notice months later, if at all. That is because virus scanners do not recognise malicious software that has been built specifically to attack one company. According to the current IDC (International Data Corporation) study “Next Gen Endpoint Security in Germany 2017”, half of the companies are using so-called advanced security solutions, such as next-generation firewalls. “Our study results show that only half of German companies are using the latest generation of modern and complex protection mechanisms. Failure to do so is, in principle, an invitation to a successful attack,” warns Matthias Zacher, the study’s author.
A next-generation firewall works hand-in-hand with the so-called Endpoint Protection directly on the PCs of the users, which is another necessity. That’s because hackers prefer to target the user interfaces to the internal and external systems. The protection software detects when many files are opened in a very short time. It will alert and signal the firewall to increase the protection level. Finally, an analysis software should be used. It continuously monitors the volume of data received and transmitted, evaluates it, and reports abnormalities. It is important that all these components work together, so that malicious software in the system is detected immediately. “Otherwise, the most up-to-date security tools won’t help you,” says Asma. The fact is, companies are attacked daily, and this isn’t going to change. “The important thing now is to keep the area that can be attacked as small as possible, to monitor systems and interfaces proactively, and to have recovery plans available,” advises IDC expert Zacker.
In the networked world, it is becoming ever more important for companies to identify attacks early on, and to understand the reasons behind the attacks. Only then can they adapt their security mechanisms. The solutions are cloud-based, so they are also affordable for smaller companies. Security expert Jörg Asma advises his customers on how to implement next-generation firewalls, which also perform a content inspection and analyse data streams. They can put files in a secure quarantine, a so-called sandbox, and open the files there to check the code for malicious software, so it cannot infect the entire computer. Instead of weekly, they are updated every 15 minutes to identify the latest threats, which are multiplying unchecked. The number of known malicious program variants rose again in 2016, and, according to the information provided by the Federal Office for Information Security, had reached more than 560 million by August 2016.
Image: unsplash/ Ilya Pavlov