All sectors are being targeted by cybercriminals
Since the NSA scandal became public in the summer of 2013, the issue of cybersecurity has become more important than ever. But it is not only political motivations that encourage hackers to break through firewalls and virus scanners to infiltrate IT systems. Up till now, it has been industrial companies that have been the prime targets for attacks. Nowadays, however, practically no industry is safe from the threat of cybercrime – the problem has taken on a whole new dimension.
There are almost daily reports of cases of Internet fraud in the media. But online attacks don’t just endanger computer systems: the hacked mainframe of a key energy supplier, for example, can paralyse a whole region’s infrastructure in next to no time. Health, transport, communication or whole factories – these are all areas that can be affected.
Cybersecurity
One of the key challenges of our time
Cybercriminals have different objectives today than they did in the past. Attacks are no longer just carried out for the fun of programming, but rather for financial or political gains. Modern cybercriminals are highly qualified and utilise intelligent attack methods against which the current defences are only partially effective.
This is shown by examples such as the online bank robbery in New York, in which the perpetrators succeeded in using malicious software to manipulate ATMs and steal sums amounting to millions of dollars. Even one of the most prominent virus hunters in the world, Eugene Kaspersky, was hacked by a malicious program because he had insufficient security on his own systems.
Don’t just react, act now!
Companies that merely react to events as they happen will sooner or later be confronted with problems they can no longer handle. Therefore, it is necessary to take proactive measures. This includes getting the necessary know-how on board as soon as possible.
Recruitment in the IT security sector has continuously increased in importance in recent years. With the introduction of new IT security legislation, operators of critical infrastructures are faced with new obligations to implement defensive measures and have new duties of detection and reporting. The goal of the IT security law is to guarantee the availability, but also to protect the integrity and confidentiality of information systems.
What can IT professionals do to implement adequate defence measures and what skills are required?
The IT professionals being sought for these areas must offer a broader spectrum of competency – in terms of their qualifications and profiles – than the pure IT experts of the past. Effective prevention work carried out by such specialists includes the planning of potential attack scenarios, for example research databases being tapped into or production being stopped. For this kind of planning, IT specialists require not merely extensive expertise in programming languages but also an in-depth knowledge of security and networks, cryptography and, of course, familiarity with all common software manufacturers and their products. In addition, an IT specialist must also understand the mindset of the hacker in order to proactively identify targets and take appropriate countermeasures.
Lifelong learning is a necessity
In addition to the theoretical construction of ‘worst case scenarios’, it is also necessary to find possible loopholes in the system.
These scenarios should also be revisited, not purely from the programming side, but also in terms of attacks on the firewall or other incursions. Considerable potential for cyberattacks is now also attributable to ‘social matching’: posts on blogs or social networks describe fictitious problems and ask users to share any experiences they might have had and the methods of resolution they used. If someone, believing the person asking to be a serious business user, gives out information about how their own company would deal with this (fictitious) problem, the cybercriminal may be able to make deductions about the configuration of the company network, with potentially disastrous consequences for security.
Previously, the main focus was on finding network administrators; today, the priority is security specialists
IT security specialists have to be able to think like the attacker in all possible scenarios in order to identify possible security gaps and weak points and then use their professional and technical expertise to come up with adequate solutions.
They must have a good understanding of the current threat landscape and be able to assess new areas of attack. IT specialists also need to take organisational and technical steps for the prevention and detection of cyberattacks, develop high responsiveness in the event of a real cyberattack, be able to make objectively well-founded decisions and initiate appropriate steps in the shortest possible time.