As the first threat, Fuhr cites attacks that initially do not have to be closely related to IT, i.e. to attack on business processes, means: The attackers find holes in the various work processes and exploit them for their blackmail plans. The attackers know that processes in many companies are not thought through or are not defined. The attackers try to exploit these uncertainties and put pressure on employees, for example by calling them, to make a foreign transfer as quickly as possible. There are situations where such action is necessary to ensure the survival of the business. The attackers know this and are trying to artificially provoke such reactions, reports Fuhr, who is also a speaker at the isits AG – International School of IT Security works.
If the second – now known threat – the security expert mentions the ransomware-Attacks on corporate networks. Attackers smuggle malicious software into the company—whether through chat, email, or the company’s open network access—and encrypt data. The data will be returned for ransom. In the meantime, extortion amounts have risen sharply, according to insiders. And the attackers are also getting bolder and threatening to publish the data. The case only becomes really dangerous when it comes to customer data, and then from the medical world.
Fuhr sees the third cyber threat in the company’s supply chain. He therefore speaks of the Ssupply chain security, which is also a special challenge, especially for large companies with a very heterogeneous IT landscape – starting with large standard software packages à la SAP or Microsoft up to and including infrastructure components and other programs to control processes. The problem is that businesses need access to many of these IT vendors, resulting in a lot of dependencies. And with every influx from the network, there are new vulnerabilities. For example, if there is a gap in a library that is used by thousands of users in many companies worldwide, a virus can spread very quickly.
Fuhr lists remote maintenance access attacks as the fourth major threat. We know from years of experience that many companies cannot provide complete IT, that systems are in use that require external support. And for reasons of efficiency, it has been a matter of course for years that external experts can dial into the company network – from air conditioning to building automation to the most diverse IT components. Each of these remote maintenance services can make access more or less secure, and “convenience and availability often take precedence over security,” Fuhr laments.
As a fifth threat, Fuhr sees the emergence of secondary or better known as shadow ITStructures in the specialist departments. When the power users find that their IT is too slow, they start to build their own and security aspects can quickly be neglected. “Especially in the cloud, it has become very easy to set up shadow IT,” says Fuhr. You no longer have to buy a server and put it under the table like you used to, nowadays all you need to do is “enter your credit card number on AWS and conjure up your Kubernetes cluster with a few clicks,” says the security specialist. Course participants at the isits AG – International School of IT Security can learn how best to implement Fuhr’s recommendations and many other tips on security issues https://www.is-its.org/awareness-academy acquire.