Every year in November, we at G DATA CyberDefense ask our IT security experts the same question: “What risks will threaten the IT security of companies and private individuals in the coming year?” In the first part of this blog series, Andreas Lüning, Thomas Siebert and Eddy Willems answer this question.
The fight against cyber criminals and vicious attack attempts from the web will go to the next level in 2023. On the one hand, attackers are refining and changing their methods of infiltrating networks, and, on the other hand, they are using new tools for their attacks. Our cyber security experts provide information on the dangers that threaten corporate networks and the systems of private individuals. They explain why companies underestimate the risks of a cyber attack, what dangers are in store from social engineering, and what the shortage of skilled workers means for IT security. They also give advice on how companies and private users should protect themselves. Let’s get started...
Andreas Lüning, co-founder and board member of G DATA CyberDefense
A central problem for IT security in Germany is and remains that companies do not take warnings about vulnerabilities or security risks seriously. They continue to underestimate the real risk to themselves of a cyber attack and rely on the principle of hope to see them through. Yet many people forget that Germany has already reached a high degree of digitisation. Digital processes and communication support companies when they keep records, talk to their customers, store information and manage knowledge. Security in supplying digital information is as existential as electricity or water.
On top of that, those who strengthen the digital security of their company can also use this as a competitive advantage. This is proven by our current study, “Cybersecurity in Numbers”. Almost 45 percent of those surveyed would not want to work in a company where the approach to the subject of IT security is too lax. IT security is therefore of central importance - especially in view of the ever-increasing shortage of skilled workers.
An effective combination of security solutions and employees trained in cyber risk is needed. This kind of holistic IT security strategy enables companies to position themselves for the future. It is of vital importance that they act now because, in view of the tense economic situation, no company can afford sales losses or operational downtime caused by an IT security incident.
Thomas Siebert, Director of Security Solutions, is next. His focus is on the global political situation, which also has an impact on cyber security in Germany:
The threat situation will not let up in 2023. One reason for this is that the professionalisation of cyber crime is continuing. Cyber criminals are working to improve the efficiency of attacks to increase their profits. Consequently, vulnerabilities in systems that are widely used are a particular risk. A single gap is enough for attackers to compromise hundreds or even thousands of companies at the same time.
In view of the current geopolitical situation, the risk of economic espionage through cyber attacks has also increased. It can no longer be ruled out that states are deliberately sabotaging entire economic sectors or supply chains in other countries in order to destabilise the situation. A well-prepared attack could have a massive impact on a country's economy.
Another challenge that affects small and medium-sized enterprises in particular is that the shortage of skilled workers is becoming more noticeable. This lack of expertise has a lasting effect on the level of IT security. Medium-sized companies cannot close this gap on their own. Therefore, more and more SMEs are considering managed security solutions. This is the only way they can effectively protect their network.
To conclude the first part, Eddy Willems, Global Security Officer & G DATA Security Evangelist, explains the role users play in cyber attacks and how criminal hackers hijack and exploit legitimate tools for their own purposes:
Technological protection against malware has improved significantly and IT security companies are constantly developing this further, while cyber criminals are also refining their attack methods. This means that they are eagerly looking for vulnerabilities in the defence strategy. So, once again, we are reminded of the weakest link in the security chain - ill-informed users. Looking ahead, cyber criminals will continue to rely more and more on social engineering to steal personal data or information. They can use this to gain access to a computer and/or a company network or to obtain access data for social networks. Anyone who thinks this won't happen to him or her is underestimating the danger, because the attacks are becoming more and more professional. Instead of mass attacks, cyber criminals are now targeting individuals.
Companies are therefore increasingly using multi-factor authentication (MFA) to prevent unauthorised individuals from simply logging into a network using someone else’s credentials. Recently, it has been seen that cyber criminals are using a social engineering technique called “MFA fatigue”. The advantage for attackers is that the technique works without the need for malware or a phishing infrastructure. In such an attack, criminals run a script to log in using stolen login data. When they do, the MFA system generates countless push requests to the account holder's mobile device. Eventually, the user agrees to the push messages and the cyber criminals gain direct access to the VPN and the network. This attack method was used in both the Cisco and Uber hacks.