BSI Management Report 2022: This is how the next report will be more positive

The BSI management report 2022 on the situation of IT security makes it clear that the threat of hacker attacks continues to increase. In this article in the Süddeutsche Zeitung (SZ), the IT security experts from ProSec compare the statistical evaluations with their practical experience and explain how the report can be more positive this year.

Table of Contents

According to the BSI Management Report 2022, these are currently the greatest threats

A New Threat: Pro-Russian Hacktivism

The article aptly summarizes the conclusion of the BSI Management Report 2022: "The threat in cyberspace has never been as great as in 2022." This is not least due to the activities of pro-Russian hacker groups in connection with the Ukraine war, which as called "hacktivism". These attacks affect both private companies and public sector institutions.

The article highlights two examples that illustrate the scope of successful cyber attacks: A German mineral oil company, for example, had to temporarily shut down critical processes because hacktivists attacked the American parent company. A successful hacking attack on the Ukrainian satellite communications resulted in a failure of the remote maintenance of German wind turbines.

Our founder Tim explains what the hacktivists are about in these cases:

While malicious hackers usually aim to pay ransom, the pro-Russian hackers want a "show of force", i.e. the demonstration of their own strength.

Tim Schughart CEO ProSec

Ransomware is a lucrative business

Despite these new developments, “ransomware is still the main problem,” the article in the SZ makes clear. Both the number of victims and reported ransom and hush-money payments have continued to increase.

This no longer only affects private companies or even particularly high-revenue companies (so-called "Big Game Hunting"). Attacks on municipal administrations are no longer uncommon. The article cites the ransomware attack on the Anhalt-Bitterfeld district as a particularly drastic example. As a result, the first digital disaster was declared in Germany, since, for example, it was not possible to pay social benefits over a long period of time.

 

Has one of your competitors already been hacked?
Don't let your business be next!
For the penetration test

This is how the situation looks in practice: Our founders Tim and Immanuel report on their everyday life

In the SZ article, our two founders make it clear why hackers still have such a high success rate: First of all, digitization is creating more and more interfaces and attack vectors. Second, every company and every authority ultimately has people who are the weakest link in the defense chain when it comes to cyber security.

In most cases, however, hackers use “the greatest weakness of every authority, the people,” Immanuel Bär knows from his many years of experience.

In most cases, it doesn't take much for a successful hacking attack, as Tim and Immanuel know from experience: a classic phishing email with malware attached is often enough to gain access to a network. Data is then encrypted and exfiltrated from the networks, and the victims are blackmailed.

However, people are not only the greatest weakness of any IT, they are also the actual victims, as the example of Anhalt-Bitterfeld shows. Immanuel emphasizes that this is exactly what motivates the ProSec team:

Attacks on IT ultimately always affect people. This is one of the most important motivations for us to support authorities on this topic.

Immanuel Baer Co-Founder Private

Lessons learned from the BSI management report 2022

Cyber ​​resilience can only be built up in a company or authority in a targeted and efficient manner if an "anamnesis" of the current situation is first taken. This is exactly the goal of our penetration tests.

In the article in the SZ, our experts use an example to illustrate how important it is to include the human factor and physical security in such a security assessment: During the penetration test for the municipal utilities of a location, our pentesters found documents in the information gathering phase a freely accessible paper container. This allowed them to find out the name of an IT service provider for the public utility company and pretend to be the latter in a phishing call. In this way, they obtained further confidential information, which an intern we smuggled in was able to make use of it on site afterwards. The intern placed a network sniffer with an LTE connection - with the inscription "IT, please leave it" and thus compromised an operational technology network.

In this and all other penetration tests we carry out, we act like malicious hackers, but without actually causing any damage. On the contrary: We support our customers in eliminating the security gaps so that other hackers can no longer exploit them.

 

Don't know how to strengthen your cyber resilience?
Our IT security experts will advise you individually.
Contact us now
DIVIDE
OTHER CONTRIBUTIONS

Table of Contents