The 2022 situation report of the Federal Office for Information Security (BSI) shows that IT security in the public sector is increasingly under threat. That is why the IT security experts at ProSec support not only companies, but also authorities, municipalities and critical infrastructures (KRITIS) in building their cyber resilience. This article in Handelsblatt reports how our penetration testers and IT security consultants go about this.
The IT security experts at ProSec monitor current cyber attacks on authorities, municipalities and KRITIS very closely. Since the beginning of the Ukraine war, the number of politically motivated hacking attacks ("hacktivism") has been increasing. The high point so far was the "first digitally-related disaster in Germany", as the Handelsblatt reports: The district of Anhalt-Bitterfeld was unable to provide services such as the payment of social assistance for more than 200 days. In the article, our founder Tim explains: "Whereas malicious hackers usually aim to pay ransom, pro-Russian hackers want a show of force."
Our co-founder Immanuel has already advised numerous municipal institutions and repeatedly makes it clear that digitization and IT security in the public sector must go hand in hand: one simply does not work without the other. Because digitization always means interfaces, which in turn represent attack vectors for hackers.
In the article in the Handelsblatt, Tim and Immanuel make it clear why they are committed to more IT security in the public sector: "Attacks on the IT of public authorities always affect people in the end." We therefore always work closely with municipalities and KRITIS such as municipal utilities, to realistically assess and efficiently improve their IT security.
The cooperation is usually divided into two phases: First, a penetration test is carried out to uncover and document all weaknesses in the organization. Our IT security consultants then support you in permanently eliminating the findings.
In our penetration tests, we act like real attackers and therefore do not limit ourselves to technical vulnerabilities. A physical security check (e.g. access to the server room) is usually checked as well as the weakest link in the chain: the human factor. Because our founders make it clear in the article: An unattended network socket is often enough for them to penetrate their customers' networks. In most cases, however, it is the "human weakness" that criminals exploit.
When IT managers in the public sector work together with experts such as penetration testers and IT security consultants at ProSec, this means more digital and real security for all citizens.
A Microsoft security update has unexpectedly created a new security vulnerability that puts businesses at risk. This undocumented side effect could block users' Windows updates and cut off systems from future security updates. A potential nightmare for IT security and business management.
Two critical vulnerabilities in Spotfire's AI analytics platform could be exploited by hackers to threaten companies in the industrial, financial, and research sectors. Experts urge CEOs, CIOs, and CISOs to take these risks seriously and act strategically.
A security vulnerability in the WordPress plugin "SureTriggers" puts over 100.000 corporate websites at risk. This article highlights the risks and provides recommendations for effective IT security strategies.
