At the weekend, thousands of systems worldwide were infiltrated by a hacker group. The KURIER therefore spoke with Franz Weber about cyber security.
At the weekend, perhaps the biggest ransomware attack in history took place: A hacker group infiltrated the software of the US IT service provider Kaseya and thus gained access to the internal networks of thousands of corporate customers. The attackers are demanding 70 million dollars.
KURIER therefore spoke to Franz Weber, the managing director of the Austrian IT security company CYBERTRAP.
KURIER: Mr Weber, how difficult is a hacker attack of such a large scale nowadays?
Weber: This is now the second major case within a year in which a software manufacturer has been targeted to gain access to its customers – a so-called supply chain attack. That is not easy, there are professionals at work.
In such attacks, it can be observed time and again that the demanded solution money is actually paid out. Is this really the only way to regain access to your own system?
That always depends on how well you are protected. Specifically: how regularly you have backups (copies of your own network) made and how they are stored. In this way, you can try to keep the damage as low as possible if the worst comes to the worst. However, if you no longer have access to your own backups or if they are outdated, it is unfortunately sometimes cheaper for companies to pay the ransom than to completely rebuild their own system.
How does a company protect itself from such attacks?
There are many ways to invest in the security of one’s own system, but there is no such thing as one hundred percent protection. There will always be a gap – for example, updates that have not been carried out on individual computers or so-called phishing attacks in which the attackers get hold of an employee’s access data directly via fake e-mails or telephone calls.
In your opinion, how is IT security in Austria?
I see us as being similarly well positioned as other European countries. But you can always do more.
The problem is that you basically must look at IT security as an ongoing investment. The industry is constantly developing, and hackers are also constantly finding new ways to exploit gaps in the systems. I still see potential in the so-called deception technologies. You must understand: Attackers constantly use the element of deception, they constantly pretend to be someone else. Defenders still use this tactic quite rarely. But there are indeed ways to create a fake copy of one’s own network, into which you can then lure hackers who have already gained access. No damage can be done there. I see that as a useful addition. But, as I said, you can never be 100% sure.
You might also be interested in this:
Attackers permanently use deception techniques – Why not the defenders too?
Would you like to learn more? Contact us!