Security on the Internet: Immanuel provides information on the radio

Our co-founder Immanuel was a guest Radio Bonn/Rhine-Sieg and answered questions on the subject of “security on the Internet” from the team of moderators Nico Jansen and Jasmin Lenz and their listeners. Being a friend of practical examples, he put the radio station's IT security to the test before arriving in the recording room.

Table of Contents

Immanuel checks the IT security of Radio Bonn/ Rhein-Sieg

If you were invited to an interview at Radio Bonn/Rhein-Sieg as a professional hacker, you would go to the server room first before entering the recording room, wouldn't you? Our co-founder is a friend of practical examples and has put his hosts to the test twice over:

Could an attacker be in the radio's server room unattended and wreak havoc there? And what about the digital security of the moderators?

For example, could a hacker get hold of the contact details on the smartphone and use them to deceive?

You can listen to how the employees at Radio Bonn reacted to the unannounced test in this recording of the interview:

What about IT security in Germany?

Digital security in the public sector

Immanuel is not only committed to security in the digital space in his function as a professional hacker (the official term is penetration tester). For example, he also sits on the digital advisory board in his hometown of Koblenz, as he reports in an interview. There he contributes, among other things, to the fact that the increasing digitization and networking of public infrastructures (keyword "Smart City’) includes safety aspects.

In his opinion, Germany has very good prerequisites for positioning itself well when it comes to cyber security: With the Federal Office for Security in Information Technology (BSI), for example, we have an authority that explicitly takes care of digital security issues in Germany. For so-called Critical Infrastructures (KRITIS) there are requirements in Germany in relation to their resilience, which also include IT security. According to Immanuel, this represents an advantage over countries where there are no such rules.

Our burglary rate since our founding in 2016 has been 100%.​

Immanuel Baer Co-Founder Private

Cyber ​​security in business

When it comes to the economy, Immanuel turns the tables and has a question for the moderators: How high do you think our burglary rate has been for our customers since the company was founded in 2016? However, Nico Jansen is wrong with his estimate of “almost 50 percent”. In fact, our penetration testing team has been able to break into every customer's network to date.

How can that be? Immanuel identifies two main causes for the existing weak points in companies: The precedent is the train of thought “Who is going to hack us?” Many companies think they are too small or insignificant to be targeted by hackers. However, this is a fallacy, since many attacks are not specifically aimed at a specific company, but are widespread.

Based on this false assumption, essential detector measures (monitoring) would not even be introduced downstream in the company, Immanuel states. A particularly easy target, for example, is company websites where IT security aspects have not been taken into account. Because one thing is clear: "Good hackers are lazy" - and therefore always look for the easiest way.

If a company has basically established protective measures, it is quite possible that the ethical hackers at ProSec will initially fail. Then, however, the principle of “try harder” applies. In case of doubt, the penetration testers disguised as service providers (or, like Immanuel at Radio Bonn/Rhein-Sieg, only with a network cable in hand) gain physical access on site. There is always a way, as our “burglary rate” shows.

Here you can have Immanuel personally explain his view of IT security in government and business again - and what the "website Friedolin around the corner" has to do with it:

Is your business the first we can't hack?
Find out!
For the penetration test

Security on the Internet: How can I protect myself privately from hackers?

Awareness

For Immanuel, before the question of how to achieve more security on the Internet in everyday life, there is a basic awareness of how digital each individual is now: starting with cars, which are now more computers than motorized vehicles, to smart refrigerators and voice assistants to accounts at countless online shops. This list makes it very clear how many attack vectors we all have in the digital space. Because digitization always means vulnerable interfaces, Immanuel makes clear.

If we are aware in the first step that our vacuum cleaner robot has a web server, a GPS module and a camera, for example, we can work on increasing our security in the next step without having to forego the convenience of digitization .

4 simple measures for more security on the Internet in everyday life

Being aware of potential vulnerabilities is a good start, but of course it doesn't make you more secure on its own. With these 4 simple measures you can already increase your digital security enormously:

  1. use one Password manager
  2. Games Updates promptly!
  3. use 2-factor authentication wherever possible!
  4. "Think before you click!” – Turn on head and check context
 

Why are these measures so effective for more security on the Internet?

Immanuel explains: Hardly anyone can reliably remember a large number of complex passwords. And even if you can, for the sake of convenience, you're probably using the same password or variations of it multiple times. If one of your passwords gets into the hands of hackers through a data leak and they can link it to your person, they have an easy time with your other accounts. The solution is simple and pleasantly convenient: password managers allow you to create individual and secure passwords for each account. It hardly matters whether you download an app specifically for this purpose or use the password manager integrated in the operating system of your devices. Anything is better than “Summer123”!

Updates may seem just as tiresome as the requirements for good passwords, but they are essential for the security of your devices and networks. Because updates not only expand functions or improve usability, often close known security gaps. What can happen if you ignore updates for too long? This is shown, for example, by global hacking wave in February 2023, which exploits a vulnerability in ESXi servers for which a patch has been available since February 2021.

The 2-factor authentication is also an effective protection against hackers. Even if an attacker was able to obtain your password, this will result in an another hurdle. In most cases, the attacker will now turn to easier victims.

The greatest vulnerability and at the same time the most important weapon in the fight against cyber attacks is the Human factor. Immanuel has a mnemonic for this: "Think before you click!" To explain, he adds: In the case of unexpected messages or requests, always pay attention to the "head and context": Does the content of this message make sense? Can this be?

You can find more information and tips on the topic of digital security in everyday life at the following addresses:

If you would like to listen to these tips again in Immanuel's original sound, you can find the recording from the show here. In it he also addresses the question of what he thinks of language assistants like Alexa and Co.

Increase the security of your IT system now!
You will receive detailed advice from us!
Contact us now
OTHER CONTRIBUTIONS

Table of Contents