The massive hacker attack on the district administration in Ludwigshafen at the end of October 2022 paralyzed its digital infrastructure, so that citizens can currently only resolve their concerns in person on site. Our founder Tim was a guest on the radio station SWR3 as an expert and provided information about IT security in general and the situation in the public sector in particular.
Tim notes that there are generally very good people in municipalities and administrations who take the subject of IT security seriously and are competent. The problem is that there are too few of these good people to be really well positioned.
If you don't master offense, you don't understand how these people work. Then you can't protect yourself from it.
This problem cannot be solved in the short term. But in the long term, better, centralized training in IT security is an important step, says Tim. For example, there is currently no classic course of study on this content or training as a penetration tester.
Tim notes that the human factor is very important when it comes to digital security. Statistically speaking, technical vulnerabilities are rarely used for attacks. Instead, hackers mostly use social engineering – for example, using phishing emails.
On the one hand, people are the "weakest link" in the security chain. On the other hand, it takes "men-power" with know-how to correctly configure and maintain the corresponding security products. In Tim's opinion, this is even more important when it comes to protecting against cyber attacks than the money factor, which cannot be ignored.
But what happens if, despite all protective measures, a successful hacking attack occurs? Then you need a contingency plan. This is now even available in most companies and authorities, says Tim. But he is usually not sufficiently rehearsed. If the emergency plan is not implemented routinely, mistakes can quickly occur or it may not be possible to implement it as planned.
At the end of the conversation, when the moderator asks Tim for a tip that doesn't cost money, he doesn't have to think twice:
A tip that doesn't cost any money: think before you click!
You can watch the whole interview with Tim on SWR3 here:
Over 1.000 companies are facing infected WordPress websites whose security is threatened by JavaScript backdoors. The attack method uses four different backdoors for maximum damage. Companies must therefore implement proactive security strategies.
Hackers use misconfigurations in AWS for targeted phishing attacks. Companies are thus unknowingly opening their IT infrastructure to attacks. Traditional security measures often fail to defend against this threat.
Security researchers discover a security hole in Apple's "Find My" network that enables industrial espionage. Using the "nRootTag" method, attackers can secretly turn devices into tracking devices. Companies around the world are alarmed and are looking for protective measures.
