05/06/2021
Industry News

Network and Application Security

Cybersecurity - The line of defense against Internet threats

Cyber attacks are no longer science fiction scenarios. Cybersecurity protects governments, organizations, companies and individuals from various Internet threats.

Written by Thomas Philipp Haas

Digital lock symbol surrounded by circular pattern and conductor tracks.

Digitization brings with it many benefits. Computers in the office and at home, as well as numerous other networked devices, make daily routines more efficient and easier. However, this means that cybercriminals have more points and opportunities to attack the IT systems of diverse individuals, organizations, companies and even states. Cybersecurity provides a wall of protection against the threats of the online world.

1. Cybersecurity: Definition

2. Why is cyber security important?

3. Cybersecurity - defence in all areas of life

4. What aspects does cybersecurity cover?

5. What are the biggest cybersecurity vulnerabilities?

6. Effective cybersecurity management against cybercrime

Loading component...

1. Cybersecurity: Definition

What is cybersecurity? The term cybersecurity covers various protective measures that protect systems linked to the Internet from cyber attacks. These include individual computers, mobile devices, server networks, hardware, software, data, networks, data centers and infrastructures. The term covers private, professional and public areas of life.

Information security, IT security, cybersecurity - These are the differences

Cybersecurity is often equated with the terminology IT security or information security. Although there are overlaps, the following differentiation and delimitation is nevertheless important:

Information security means protecting digital as well as analog data from access by unauthorized third parties.
IT security focuses on the protection of digitally stored data.

Cybersecurity focuses not only on individual computers or networks and their environment, but on the big picture. This includes all digital forms of communication, workflows or applications.

Alliance for cyber security - together against cybercrime

In Germany, more and more companies, organizations and authorities are recognizing the risks and real consequences of cybercrime. For this reason, the Alliance for Cyber Security provides a forum in which 4,942 participants (as of April 2021) have so far discussed risks and possible solutions. They also provide each other with assistance and exchange experiences. Basically, any institution or company within Germany can participate. The advantage is that members improve and expand their skills, expertise and knowledge regarding cybersecurity.

Cybersecurity standards provide orientation

Cybersecurity standards help provide guidance in this confusing online world. These are a set of published measures and best practices. These rules and regulations strengthen the cyber resilience of companies and organisations.

The following publications contain tools, guidelines, concepts, preparations, risk management approaches, training and technologies:

NIST (Special Publication) SP 800-53 or ITSG-33 Risk Management Framework: Framework standards of the Canadian and US governments, respectively, which are mainly used for government organisations, but also for companies. Among other things, they contain up to 900 control measures.
NIST Cyber Security Framework: A kind of light version that is applied in the extended industrial sector.
GDPR: Data protection regulations for companies that process personal data of EU citizens.
PCI DSS: Standards for companies that are entrusted with payment data (e.g. credit card data).
SWIFT Customer Security Control Framework (CSCF): Mandatory for financial institutions conducting transactions via the global SWIFT network.

These frameworks usually have to be tailored to sector-specific and regional needs.
The effort is also worthwhile apart from increased cybersecurity: organisations that meet specific minimum cybersecurity requirements can receive a corresponding certificate. Such a certificate guarantees customers and business partners that the security of their data is taken care of. However, this is an ongoing process that is never complete. Companies must regularly check the security measures they have implemented. This is the only way to ensure that everyone involved implements the rules in a permanent and disciplined manner.

As technologies and threats continue to evolve, cybersecurity standards must also undergo constant evolutionary change. Otherwise, there is a risk that they will quickly become obsolete.

Loading component...

2. Why is cyber security important?

A study by the Federal Criminal Police Office (BKA) found that cybercrime activities already increased by 15 percent in 2019 compared to the previous year. According to estimates by the digital association BITKOM, economic damage worth over 100 billion euros occurred as a result. Hackers and cybercriminals thus cause major problems in the public and economic spheres. At this point, therefore, maximum vigilance is required from every type of company and organisation, because cybercrime will not let up in the future.

The types of cyber threats

Cyberattacks or cyberthreats are, for the most part, relatively fleeting concepts. However, cyberattacks on companies, organisations or even states can take a wide variety of concrete forms. The following examples are among the best known and most common.

Malware

Malware means malicious software. Cybercriminals or hackers design these malicious programmes to infect, sabotage and damage their victims' IT systems. The motivations of such cyber attacks can be financial or even political. Malware can be divided into further subcategories:

Virus: A programme that replicates itself. It thus spreads in a system and infects it with a harmful code.
Spyware: Software that spies on the user's activities (e.g. passwords, financial information and other sensitive data) without the user's knowledge.
Adware: A form of covert spyware that spies on users' online behaviour and displays ads tailored to them.
Ransomware: Hackers create software that locks important files of their victims. They only release them again after paying a ransom.
Botnets: Malware that infect entire computer networks and use them for illegal activities.

In addition, there are numerous other threats that can cause serious problems:

Phishing: Criminals send emails to their victims that look like official emails from reputable companies or financial institutions. They ask for sensitive data such as passwords or credit card information.
Man-in-the-middle attack: Unauthorised persons take advantage of poorly secured WLAN networks to intercept sensitive information during data exchange.
Denial of service attack: Hackers prevent organisations and businesses, as well as their operations, from fulfilling important requests from legitimate users. They do this by flooding the network with traffic.
SQL injection: In the targeted attacks on SQL databases, hackers exploit vulnerabilities to inject malicious code and spy on data.

This is only a brief overview of the most common forms of attack. However, hackers are constantly working on new means and strategies to gain access to supposedly secure infrastructures.

Possible consequences of a lack of cybersecurity

Cyber attacks have far-reaching consequences for private individuals, small, medium-sized and large companies or organisations. These can be devastating:

Fines and compensation payments
Costs for additional man-hours for internal and external IT service providers or cybersecurity companies that need to respond to attacks and restore lost data or damaged infrastructure
Costs for vulnerability analysis to prevent further cyber attacks
Disruption of productivity and thus of the value-adding activity of a company
Additional costs for PR measures to protect one's own image or restore a damaged reputation
Dealing with legal consequences requires additional hours of work by legal counsel
Damage to a company's reputation can lead to an adverse financial outlook and impairment of value

Large corporations may be able to compensate for these problems more easily. Small and medium-sized enterprises or start-ups usually do not have the corresponding financial resources at their disposal, which is why the early implementation of cybersecurity measures pays off.

Loading component...

3. Cybersecurity - defence in all areas of life

Cybersecurity should permeate every area of life. Private as well as professional and public life is interconnected with the internet. There is also no sharp dividing line between these areas. One merges into the other and everything is equally risky.

Every company has valuable assets

Regardless of size and financial resources, every company has valuable data. This data is now of great value to cybercriminals and can be used for dubious and nefarious purposes. That is why it is important that every company invests in the necessary cybersecurity standards - better yesterday than tomorrow. The economic consequences of a cyber attack are often much more far-reaching than the costs and effort of effective cybersecurity management.

Home office trend as a growing source of danger

The growing trend towards home offices comes with many practical benefits, but poses a high security risk. Even if the company operates a rigorous cybersecurity management, networks often remain unprotected at this point. Security requirements and rules must be applied to the home office with equal rigour.

Freight transport - threats to supply chains

Not only in the office or home office, but also on the road can cause economic damage to companies. In order to make supply chains more efficient, networked solutions are now the order of the day in logistics. This means that train and road traffic, inland shipping and even aviation are attractive targets for attacks that require suitable cybersecurity measures.

Critical infrastructure

People are dependent in one form or another on critical infrastructures and the supply provided by their systems. In Germany, these include:

State and administration
The energy sector
Healthcare
Information Technology and Telecommunications
Transport and traffic
Media and Culture
Water Supply
Finance and Insurance
Food industry

These are areas that rely on modern technology and are now more or less digitalised. Accordingly, they are vulnerable to cybercrime.

Cyber attacks on critical infrastructures do not always happen out of greed. Often they even have political or terrorist backgrounds. In hardly any other area, however, can attacks specifically endanger human lives through supply shortages in a comparable way.

Loading component...

4. What aspects does cybersecurity cover?

Cybersecurity can be divided into different branches. Within a state, an organisation, a company or even a private household, these must be effectively combined and coordinated. This is the only way to guarantee success.

Software

At the application level, security measures prevent data or code from being stolen, hijacked or locked out for the user by an app or malware. These precautions can be inserted during the development stage of the software or later with an update.

Hardware

Even hardware components have vulnerabilities. Attack strategies such as Meltdown or Spectre exploited vulnerabilities in modern processors. This allowed sensitive information to be extracted from processor memory - regardless of whether it was a mobile device or a personal computer. Specific software and operating system patches can now prevent the worst. However, this example clearly shows that cyber security must even work at the hardware level.

Information security & data security

Information security actually means any kind of information, regardless of whether it is digital or analogue. However, there are overlaps, especially since a lot of information is now stored on computers or hard drives, databases, etc.

Business records, personal data, customer data, financial data, intellectual property and much more sometimes form the foundation of any business, organisation or private life. One of the priorities of cyber security is to protect this data from unauthorised third parties.

Network security

Network security is another subcategory of cybersecurity. It ensures the reliability and functioning of networks. The protection of data also plays an important role. This requires a number of security protocols such as a well-secured WLAN, regular software updates, password protocols and multi-factor authentication. Furthermore, experts or cybersecurity companies carry out so-called penetration tests. They identify and close any leaks or vulnerabilities.

Cloud security

Companies are also responsible for customer data that they store with a cloud provider. Corresponding service providers focus on guaranteeing the security of this data, if only for self-serving image reasons. Ultimately, however, much is in the hands and responsibility of the user. The user must configure access restrictions correctly and also sufficiently secure the system at its end.

Operational safety & disaster recovery

To guarantee business continuity, a business must prepare for possible attacks. Only in this way can they be recognised, analysed and defended against in good time. The business can continue work processes or, in the best case, there is no interruption at all.

However, this is not always the case. Every company and every organisation should have a so-called disaster recovery plan. This enables the business to continue operations as quickly as possible and to recover lost data. This includes effective communication with all parties involved to ensure efficient cooperation in this process.

Physical security

Lack of cybersecurity can have an impact on physical reality. One point of attack is the so-called Internet of Things (IoT), which is usually not sufficiently protected against cyberattacks (read more about IoT security in this free whitepaper). Attacks affect digital assistants, household appliances or cameras connected to the internet. Smart devices in companies and factories are also on this list. Even penetrating the computer systems of modern cars is theoretically possible.
Networked security systems of offices or homes are an additional risk factor. Cybersecurity has to deal with all these consequences in the physical world.

Loading component...

5. What are the biggest cybersecurity vulnerabilities?

During a cybersecurity check, some specific vulnerabilities can usually be found and fixed to build a more successful cybersecurity resilience.

However, it is worth taking a self-critical look at some common and popular vulnerabilities that crop up all the time.

Humans as the weakest link in the security chain

Humans often represent the biggest security gap. After all, technology only works as well as the people who develop and operate it. These vulnerabilities can be intentional or accidental misconduct.
People working within a network can intentionally spy on data or simply be careless. Clicking on the wrong link, opening the wrong website or ignoring an important software update is enough. Cybercriminals are quick to exploit carelessness to gain access to important data.

People use bad passwords

Passwords that are too easy to guess are more common than they should be. This often happens out of convenience, although private individuals and companies are aware of the risks. Often it is a standard term or a short combination of numbers, even birthdays are used.

Poorly secured WLAN networks

Wireless networks can often have outdated WEP encryption protocols, making them easy targets for attack. A new upgrade to WPA2 or WPA3 is urgently needed in this case. However, the former is also risky. However, many attacks on WLAN networks at home or in the office are successful because users use the preset service set identifiers (SSID) and default passwords instead of changing them.

Public WLAN networks in particular offer little security, even though users need a password to log in. Users' online activities are not encrypted unless they use a Virtual Private Network. WiFi hotspots can easily be faked so that users log in to them. Unauthorised third parties can easily intercept sensitive data in this way.

Internet of Things holds little protection and great risks

Children's toys, household appliances, security cameras, digital assistants - consumers can connect just about anything to the internet. However, these devices often have glaring security vulnerabilities that hackers exploit.

Even other devices connected to the same network are not secure. Cybercriminals are thus able to gain access to email and social media accounts, conduct espionage and steal data.

Loading component...

6. Effective cybersecurity management against cybercrime

Cybersecurity faces constant challenges from ever-evolving technology and therefore new risks. That's why there is no single solution that will stop all current and future cyberattacks (learn which security platform is best for you in this free whitepaper). This is not to say that businesses, organisations or individuals should forgo cybersecurity and hope for the best. There are a number of strategies and tools available to protect against cyberattacks. These need to be applied at multiple levels and in multiple forms to map an optimal cybersecurity concept. It is helpful to design networks in such a way that not every employee has access to all areas. Rather, control mechanisms should be implemented so that each employee has access to the network areas that are absolutely necessary for his or her task.

Endpoint security - security begins with the individual

Cybersecurity starts with each individual end user. They can defend themselves against attacks with various measures and tools. Encrypting emails protects important data during transmission and makes it unreadable for unauthorised third parties. Current virus scanners and other security programmes examine computers to detect and remove malware. To do this, of course, this software must always be kept up to date. Strong, hard-to-guess passwords can be created with password management tools or random generators. Users should never open e-mail attachments from unknown, suspicious senders. To the same extent, they should avoid suspicious-looking and unknown websites and downloads as well as public unprotected hotspots.

Backups - backups protect against data loss

Regular backups of important data are essential to ensure that it is not lost in a cyber attack. It also makes organisations less vulnerable to extortion using ransomware.

Multi-factor authentications

Multi-factor authentication is an extremely effective way to confirm a user's identity. Each access to a system requires at least two checks: User name and password, security questions, verification via security codes, fingerprint or iris scan (biometric data).

Firewall - protection against network intruders

A firewall can be used to restrict the data exchange of a private or a company network. In this way, certain data packets can be prevented from accessing a network unless end users specifically allow them. This protective wall thus filters out suspicious programmes from the outset.

Strict data traffic monitoring

If hackers have overcome cybersecurity in the form of defence software and firewalls and found a way into the network, they can cause a lot of damage there. Companies and organisations must therefore permanently monitor the exchange of data within a network. This way, suspicious activities and threats can be detected more quickly and contained with the right cybersecurity measures..

Microsegmentation & Least-Privilege-Principles

With micro-segmentation, a network is divided into zones. For each segment, a user must show the corresponding authorisation. At best, attackers fail at the border controls to other network segments, even if they gain access to a zone.

This is often accompanied by the principle of least privileges. Users of the network or employees only have access to the data and network resources that they absolutely need for their work. If necessary, this authorisation can be withdrawn after the respective task has been completed or after a certain period of time.

Establish cybersecurity culture

Cybersecurity must be established as a culture in every sphere of life to be effective. Organisations, individuals and companies should be aware of the serious consequences and implement strict measures at every hierarchical level to protect themselves. Sensitisation of individuals, employees and supervisors is necessary for this. Appropriate further training makes a great contribution at this point. Furthermore, it is necessary to always critically review one's own security strategies, to check for weak points and to adapt them to new dangers.

Security Operations Center - Outsourcing Cybersecurity

A Security Operations Centre (SOC) is responsible for monitoring networks and detecting, investigating and defending against cyber threats. And this around the clock. This also includes protecting the assets of a company or an individual. These include intellectual property, personnel and customer data, business systems and brand integrity. Broadly speaking, SOC teams implement all key cybersecurity measures. Since most companies do not have the time resources, staff or expertise, they often outsource these activities to a professional cybersecurity firm. In this free whitepaper, you can learn more about setting up and operating an efficient Security Operations Centre.

Cybersecurity quick tests

Cybersecurity quick tests are an easy way to get an overview of your own security standards. If these are not in place, the Global Cyber Alliance's quick test with ICTswitzerland, for example, offers a first starting point.

Loading component...

it-sa 365 is available to you as a digital HOME OF IT SECURITY all year round

As a registered participant, you can use the platform free of charge and have the opportunity to network with experts 365 days a year, make appointments with each other and enter into direct dialogue via chat or video call. In addition, we keep you up to date on news about our digital programme.

Loading component...

Author

Thomas Philipp Haas

Director Marketing it-sa

NürnbergMesse