Anyone who digitizes must also think about cybersecurity

Why are pro-Russian hackers attacking German municipalities? And how can authorities and municipalities protect themselves from such cyber attacks in the future? In an interview with mps' K1 magazine for the 2022 issue, ProSec founder Tim and his co-founder Immanuel talk about digitalization and cybersecurity in the public sector.

Table of contents

What impact will the Ukraine war have on German cybersecurity?

Reports in the media about hacker attacks on public IT infrastructure seem to have increased since the start of the Ukraine war. Immanuel notes, however, that such cyberattacks are nothing new and have not increased dramatically in number. As early as 2021, for example, the Tagesschau announced that more than 100 government agencies and public institutions in Germany had been compromised by ransomware, with serious repercussions.

As examples of such extortion attacks using ransomware, Tim cites the cases in Anhalt-Bitterfeld in 2021 and currently Schriesheim in the Rhine-Neckar district.

The only thing new about these attacks, Tim explains, is their motivation: While malicious hackers usually aim to pay a ransom, the pro-Russian hackers are concerned with a "show of force", i.e. a "demonstration of their own strength". Tim summarizes this type under the term "political hacking".

tim_schughart_CEO_ProSec

Because every war today is also a cyber war, hackers have already shown what they can do in this country as well.

Do you want to make digitization secure in your company or public authority?
Take advantage of our penetration test and expert advice!
To the penetration test

What is the state of cybersecurity and digitization in German municipalities?

The high number of hacked authorities in 2021 already suggests something that Tim and Immanuel can confirm based on their professional experience: The public sector in Germany has some catching up to do when it comes to IT security.

These problems are mainly related to two aspects: First, the organization of municipalities is very complex, which opens the door to attacks from many different sides, explains Tim. Second, the topic of cyber security is often not considered consistently enough in the digitization of municipalities. Immanuel has often found this to be the case when advising municipalities in this area.

Immanuel_Bear_private

If you invest money in digitization, you also have to invest money in cybersecurity. You simply can't have one without the other.

How do hackers attack municipalities and public authorities?

Someone in the office wasn't paying attention for a moment, opened an attachment to an e-mail, and it happened.

Immanuel (Co-Founder and DEO ProSec)

Professional hackers like Tim and Immanuel imitate the behavior of malicious hackers in their penetration tests and thus try to penetrate the networks of authorities and companies. That's why they know exactly how hackers proceed in attacks like those on Anhalt-Bitterfeld or Schriesheim: Often, an unguarded network socket in a district administration or a public transport bus is enough for them to gain access to the network.

We try to get into a certain network on behalf of our customers. To do this, all we often need is an unobserved moment and a network socket in the district administration.

Tim (Founder and CEO ProSec)

In most cases, however, hackers don't even have to bother looking for vulnerabilities on site. They simply exploit "the greatest vulnerability of any government agency: people," Immanuel knows from experience. All it takes is a simple phishing e-mail, in which an unsuspecting recipient opens the attachment and allows malware to infiltrate the network.

The goal of such hacking attacks is usually to exfiltrate data from the network in question and encrypt the systems of the municipality or authority using crypto-Trojans. The attackers then demand a ransom for the decryption and non-disclosure of the data.

Tim also describes the modus operandi of criminal hackers in a SAT1 television report on the attack on the Rhine-Palatinate district in October 2022.

What is the impact of successful hacker attacks on public IT infrastructure?

The massive impact of a cyber attack on a public authority or municipality was made very clear by the most recent cases: In most cases, the corresponding sites are completely encrypted as a result, so that digital communication is no longer possible for weeks or months. Access to sensitive data by the hackers and its dissemination on the darknet are often also among the consequences.

Immanuel lists other potential impacts in the interview:

However, accesses to different registers are also possible. It's hard to imagine what you could do with that. It would also be possible to hack buses, manipulate traffic guidance systems, and possibly even entire municipal utilities.

Immanuel (Co-Founder and DEO ProSec)
The risks are increasing as digitization continues to advance - for example, in the context of smart city technologies. At the same time, more interfaces mean more "gateways" for hackers. Immanuel is therefore clear: "If you invest money in digitization, you also have to invest money in cybersecurity. You simply can't have one without the other."

How can the public sector ensure cybersecurity as digitization increases?

The current cyber attacks make it clear that Germany has room for improvement when it comes to IT security. However, Tim makes it clear: "You can never drive the risk to zero. And even if you could, it would be disproportionately costly."

However, that doesn't mean you should bury your head in the sand and simply accept hacking attacks. On a technical level, Tim recommends a pragmatic solution approach consisting of three dimensions:

The two experts consider raising the awareness of all employees to be at least as important. After all, if everyone is aware of the dangers of phishing e-mails and is regularly reminded of them, the risk of a successful attack in this way is reduced.

When implementing these tips, most authorities and municipalities need external support from experts such as the penetration testers at ProSec. Tim and Immanuel also have advice for choosing the right consultants: It is important to look for an independent and trustworthy partner who provides objective advice and does not want to sell a specific product. You shouldn't be put off by somewhat higher prices in comparison, because quality and individually tailored solutions pay off in the long run.

In order to make digitization secure in the long term, cybersecurity must be a top priority, Immanuel emphasizes at the end of the interview.

If you ask me, cybersecurity must be and remain a top priority. Because otherwise it can quickly come to nothing.

Immanuel (Co-Founder and DEO ProSec)
Take your IT security into your own hands and get active!
We advise you in detail and make you strong in cyber security.
Contact Now
OTHER CONTRIBUTIONS

Table of contents

Do you want to be part of our team?