Perfectly secured against hacker attacks:
What companies can currently do

 

As a result of the Ukraine war, the threat from hackers has increased. In the latest column Siegfried Müller explains how companies can prepare themselves in the short and long term:

I’m probably not telling you anything new for the time being. The topic of cyber risks in connection with the current situation is so ubiquitous – it’s hard to avoid it. At the same time, the posts of the last three or four weeks all have about the same tenor: Companies must be prepared for a higher threat level in the abstract, or – in other words – for the fact that the “threat situation in cyberspace will intensify.”

Just as frequently, it is pointed out that generally one in three companies, or 34 percent – sometimes a lower or higher figure is cited in this regard – have ramped up their IT protection measures in the short term. Of course, it is more than appropriate at the moment to look at the extent to which one’s own company is armed against cyber attacks and to actually implement some protective measures that can be implemented quickly as soon as possible. After all, according to a survey by Bitkom, 17 percent of companies have already identified concrete signs of an attack.

So it is definitely sensible to react in the short term, because anything that immediately helps to strengthen the level of protection in the current situation can only be seen as positive. On the other hand, in perspective, this does not hold water, because fundamental decisions on measures to increase IT/cyber security cannot be made ad hoc – you need to act, because here a structured analysis is required to determine the actual need for protection and to adapt these findings into the security strategy accordingly. Or as the fact sheet published by “The White House” puts it: “bake it in, don’t bolt it on”.

Is it still possible to insure against cyberattacks?

Adaptation is a good keyword, by the way, because as we are currently seeing, circumstances sometimes change quickly. A few weeks ago I was still able to say that cyber insurance was recommendable from various aspects, also because the damage coverage it provides can be argued as a competitive advantage. But here – as of now – as a new dimension it is now to be noted that, proportionally to the growing danger of hacker attacks in cyberspace, the insurability of cyber risks is decreasing. For the sole reason that, on the occasion of the changed circumstances, many insurers fear high losses.

What could still prove helpful, however, is to use the acquired expertise of cyber insurers regarding appropriate protective measures against potential threats.

Current threats and what companies can do against them ad hoc.
These are – as before – mainly two attack vectors: phishing and ransomware. To increase effectiveness, social engineering is used to cleverly manipulate the intended target with the help of phishing emails, for example to disclose information or perform certain actions that subsequently enable an attack – such as placing malware.

While you may be familiar with these attack methods and mechanisms in general, you need to keep in mind that cybercriminals are, of course, continuously changing them. In the case of phishing, for example, not only is the content strongly adapted (emotionalized) to current interests, but there is also a lively diversification here – from spear phishing*, through whaling* and chameleon phishing*, to vishing*. It is not always easy to keep an overview and prevent employees from falling for it.

3 tips against hackers: how to reduce attack surfaces

That’s why it’s necessary – especially now, during these clearly extraordinary times – not to put off investing in cybersecurity measures and, in parallel, to start immediately both reducing the risk of cyberattacks and dealing with those that remain.

You can start reducing your attack surfaces immediately, because some measures can be implemented ad hoc:

Sometimes software, or programs and apps, are downloaded for one-time use only => check your IT systems for this and remove unnecessary software, or programs and apps.
Authorizations have often been granted that are neither valid nor necessary at a later date. For example, it is not uncommon for employees who have left the company to still have access rights in some places => check the assignment of rights carefully and critically and restrict access rights in accordance with reasonable necessity.
For example, ports are opened in routers or firewall systems for test accesses in order to create the necessary communication options without closing them again afterwards => reduce the communication options through settings in your routers and firewall systems.

What to do if your company is attacked by a hacker

In the event that your company is attacked, it is important to take action as soon as possible to contain the impact of the attack. You can prepare the following immediately:

1. (Semi) automated response to attacks.

When an attack is detected, it makes sense to immediately – and if possible (semi-)automatically – restrict firewall and/or e-mail server rules so that only the company’s processes that are actually relevant can be maintained. Draw up a concept in which the relevant processes of your company are described and the necessary rules are defined.

2. Resource planning of the employees

When an incident has occurred, it will be necessary to have enough qualified employees on site to initiate the necessary steps and implement measures. Create an appropriate emergency/response plan to ensure that all responsibilities are well defined to allow for a timely response.

What else results from the situation

The current situation has another side effect that no one initially expected – in the truest sense of the word: the enormous increase in energy costs. If you think about it further, this means that business trips will become considerably more expensive, and this will probably have an impact on the clients. This clearly shows that remote access not only during the Corona period but that it will continue to be indispensable in the context of a long-term corporate strategy geared to efficiency. Of course, safety must be given top priority here as well.

My conclusion

The best time to prepare is right now – both by taking action in the short term and by moving as quickly as possible to plan the necessary actions and cybersecurity measures.

 

The column was published in its original German version on produktion.de.

Find your sales partner

Find your personal contact person in your area.

Start your remote services

Are you looking for an all-in-one solution? Try our web-based remote access portal today.

u

We are here to help you

Questions? We can help you. For direct support, you can also call us.

Stay informed

Subscribe here to get updates on IoT and remote access solutions, products and features and get the latest cybersecurity updates.

You have questions?

Write us!

Allgemeine Anfrage EN

Callmeback

As a strong brand of Red Lion Controls, MB connect line product line provides you with solutions for Secure Remote Access, IIoT & Industrial Security.

Together we unlock the value of data by developing and manufacturing innovative solutions to access, connect and visualize your information.

Two Brands. One Team.