Cybercrime
IT security in the year 2023
Professional cyber criminals are further increasing the risk for companies. Social engineering and the misuse of standard applications pose a massive threat to IT security in Germany. Nevertheless, many companies seem to be neglecting the issue of cyber security.
The IT threat situation will intensify further in 2023. The reason for this is the increasing professionalization of the cybercrime scene. Cyber criminals are increasingly misusing permitted applications, such as administrator tools, or manipulating users using digital grandchildren's tricks. The lack of trained IT security specialists is further exacerbating the situation. End users are now often unaware of the threats due to their diversity.
In order to increase their profits, cyber criminals are using increasingly sophisticated and efficient methods. On the one hand, they are refining and changing their methods for infiltrating networks and, on the other, they are using new tools for their attacks. Vulnerabilities in systems that are used across the board are therefore a major risk. These include, for example, the Java vulnerability Log4Shell, which criminals have used to gain access to company servers and which is still being exploited. This shows that a single vulnerability is enough for attackers to compromise several hundred or even thousands of companies at the same time. It is therefore important for administrators to always keep servers and end devices up to date with the latest software.
The renaissance of rootkits
Another avenue of attack: Rootkits are increasingly being used in attacks in which cyber criminals combine various malware programs. This is because rootkits can be used to hide these programs from security solutions. Criminals' logins to the computer are disguised, as are the files and processes associated with this process. Researchers have demonstrated in a feasibility study that attackers copy rootkits from GitHub, a platform for managing open source software, and incorporate these programs into their attack chains in order to infiltrate companies.
"The problem is that rootkits are not considered malware in the original sense and are therefore legally made available on GitHub," comments Karsten Hahn, Lead Engineer Prevention, Detection and Response at G Data. "Such offers are particularly interesting for criminals with little IT knowledge, because programming rootkits is anything but trivial."
IT security often neglected
Almost one in five employees state that the company they work for does not deal sufficiently with the issue of IT security. This was the result of the latest "Cybersecurity in figures" survey by G Data CyberDefense, Statista and brand eins. Small and medium-sized companies are often under the misapprehension that they are of no interest to attackers. However, it is more lucrative for cyber criminals to attack many small companies with low security standards than to target one company with a high level of protection. Criminals are also focusing on supply chains, as they can reach a larger target via smaller suppliers.
Some companies ignore the dangers on the Internet and, in addition to fines for violating the law, also accept being an easy target for cyber criminals. Andreas Lüning, co-founder and CEO of G Data CyberDefense, comments: "Germany has already achieved a high degree of digitalization. This simplifies processes and shortens communication channels. However, companies of all sizes will only benefit from this if they protect their IT infrastructure sufficiently and see IT security not as an annoying accessory, but as the basis for their work." Many employees are aware of how important IT security is for their company and they support a higher standard of security. Even if the implementation of legal regulations is sometimes complex, 57.7% of respondents are in favor of IT security requirements and adhere to them. Only 8.9% do not consider legal regulations to be useful. If companies want to know how their IT security is doing, there is the option of a comprehensive analysis, a security assessment. This checks where vulnerabilities are located in order to close them before they can be exploited. "A key problem for IT security in Germany is and remains that companies do not take warnings about vulnerabilities or security risks seriously," says Lüning. "They continue to underestimate the real risk of a cyberattack and rely on the principle of hope. Those responsible must act now, because in view of the tense economic situation, no company can afford to lose sales or suffer operational downtime as a result of an IT security incident."
One major challenge affects small and medium-sized companies in particular: The lack of trained IT security specialists. The lack of know-how has a lasting effect on the level of IT security. Medium-sized companies cannot close this gap on their own. Managed security services and employees trained in cyber threats offer a way out of this dilemma. It is important that companies act now. After all, an attack on IT with potentially uncontrollable consequences can happen at any time.
You might also be interested in
"We are clearly different from the competition"
The IT company 21unity offers a range of hardware and software services, as well as traditional services. Andreas Mühlbauer spoke to Managing Director Anja I. Gondolf about the company's appearance at the Hannover Messe, its services and future...
read more...Think digital, act local
When it comes to industrial damping technology, on-site advice is often very valuable for engineers and designers.
read more...Plagiarius 2024 negative prize
On January 26, 2024, the Plagiarius campaign awarded its dreaded "Plagiarius" negative prize for the 48th time to manufacturers and retailers of particularly brazen counterfeits and fakes.
read more...Spindel Full Service records second-best...
Maintenance as an economic success factor
Spindel Full Service, the spindle repair specialist from Baden-Württemberg, can look back on its second-best financial year in its history - with 15% growth compared to the previous year. And the further forecast also looks good.
read more...Thyssenkrupp and Novelis cooperate
Platform for the circular economy
With a platform for the circular economy in the automotive industry, the two companies Thyssenkrupp Materials Services and Novelis want to set new standards for the recycling of used materials. The open platform will enable access to larger...
read more...How production can benefit from AI
Together with AI technology, IIoT networking makes it possible to better control machine parameters and optimize quality with predictive quality. Downtimes and set-up times can also be further minimized. Cloud platforms also make these technologies...
read more...Marco Ghirardello takes the lead
Fanuc has appointed Marco Ghirardello (48) as the new President and CEO of Fanuc Europe. Ghirardello succeeds Shinichi Tanzawa, who has led the company since 2016 and will take on a new role at Fanuc's headquarters in Japan.
read more...Efficient robot monitoring
Microchips are installed almost everywhere - whether in smartphones, washing machines or cars. With increasing digitalization, the demand for semiconductors has been growing rapidly in all areas of the economy for years.
read more...Everything on one platform
Functional and powerful tools are essential for professional work on the construction site, in the workshop or when carrying out repairs.
read more...