Mrs. Greven, cyber security is an important topic. The threat situation for small and medium-sized enterprises (SMEs) is constantly increasing. What current cyber threats are there that SMEs need to prepare for?
Frauke Greven: The current threat situation in the area of cybercrime is still considered to be high by the BSI, BKA and the National Cyber Defense Center. Ransomware is still the biggest threat. This is malware that restricts or prevents access to business data and IT systems in the company. A ransom is then extorted for the release of the data. Cybercriminal attackers often take the path of least resistance and initially choose victims that appear easy to attack, i.e. SMEs are the focus of cyber attacks with ransomware. Attacks on IT supply chains (IT supply chains) and BEC (business email compromise) also harbor a high potential for threat and damage. Cybercrime is becoming increasingly professional, as specialization in certain services enables cybercriminals to develop and deploy their “services” in a targeted manner. The German Federal Office for Information Security (BSI) provides a very good overview of the IT security situation in Germany in its current 2023 status report. According to the report, vulnerabilities lie particularly in the software used in companies. This is worrying, as these vulnerabilities are the gateway to compromising systems and networks.
How can SMEs effectively protect themselves against cyber attacks and how can they improve their digital security?
Frauke Greven: Many companies do not have sufficient knowledge of the general cyber threat situation or their own risk profile. As a result, they do not even realize that they need to invest more in their security. Even basic preventive measures, which can often be implemented free of charge, are therefore often not taken Raising awareness of the issue is therefore an important first step, which the Cyber Security Network Saxony has set itself as a goal. The initiative, launched by the Digital Agency Saxony together with all chambers of industry and commerce in the state and the Saxony State Criminal Police Office, supports Saxon SMEs in making potential cyber attacks significantly more difficult and being able to quickly resume business operations in the event of an attack. The network pools the experience, knowledge and tools of the partners involved and offers a range of free prevention and consulting services for companies. For example, the Saxony State Office of Criminal Investigation’s free “Secure Company” service shows where security gaps exist in the areas of property security and personnel and organizational security. From this, the LKA creates security recommendations that are tailored to the requirements of the respective SME.
Should an IT security incident ever occur: What measures need to be taken to respond to a cyber attack?
Frauke Greven: The Cyber Security Network Saxony has developed an IT emergency card for this eventuality. This map lists structured measures to help prevent further damage and resume business operations as quickly as possible after an attack. We deliberately opted for an analog postcard so that we can offer reliable support after a cyber attack if digital communication channels are disrupted. Multimedia elements will be added to the emergency card in 2024 to improve the ability to respond in an emergency. These include short films on immediate technical and organizational measures as well as a checklist for resuming business operations, specially tailored to the needs of SMEs.
What should SMEs pay particular attention to when improving their IT security?
Frauke Greven: First of all, employees need to be made aware of the issue and trained. Free prevention services can be used for this. It is also important to place the IT emergency card everywhere in the company so that a quick response is possible in an emergency. To enable SMEs to focus on their core business, it is advisable to keep up to date with the latest technology via reliable IT service providers with cyber security expertise. Large companies are already relying on zero trust security. This security concept assumes that no user, device or network is inherently trustworthy. Zero Trust Security focuses on continuous verification and authentication of all users and devices, regardless of location or origin. To ensure that small and medium-sized companies also benefit from technological progress, modern approaches should already be included in the IT solutions on offer.
What influence do new technologies, such as artificial intelligence (AI), have on cyber security issues and IT security strategies?
Frauke Greven: The example of artificial intelligence already reveals many influences.
The current popular language models offer a new type of attack surface for criminal activities. With deliberately “poisoned” training data, AI systems can, for example, have data stolen by displaying links to manipulated websites. Embodied AI, for example in the form of robots or autonomous vehicles, can be weaponized through hacking in extreme cases. Little is currently known about protection mechanisms, partly because many technologies are not yet established on the market.
In addition, attacks can be carried out by AI systems. In principle, generative AI is capable of writing infinite variants of viruses or instructing hacking. There is also a risk that people will increasingly disclose sensitive data in dialog situations with chatbots. Deepfakes can also make biometric systems insecure or compromise people through videos and audio. AI fake news can harm organizations. In addition to these new types of known methods, AI could also recognize patterns in company data or products, for example, and thus extract trade secrets.
But AI can also help to improve cyber security. Due to the learning ability of AI systems, they can identify new forms of attack and unknown patterns, such as usage anomalies. The many “false positives” in the sense of “false alarms” can also be scanned by AI and thus increase security. Overall, AI can react much faster and act directly and independently. In the sense of ethical hacking, AI can find weak points in systems and close them if necessary.
All in all, it can be assumed that a technical arms race will take place and that the dynamics in the field will increase significantly. It is not yet possible to predict in which areas, with which technologies, which events will occur.
_ _ _ _ _ _
Further links
👉 IT emergency map (German)
👉 The state of IT security in Germany (German)
_ _ _ _ _ _
The Cyber Security Network Saxony
The Cyber Security Network Saxony initiative, launched by the Digital Agency Saxony together with all chambers of industry and commerce in the Free State of Saxony and the State Criminal Police Office of Saxony, pools the experience and knowledge of the partners involved to enable SMEs to quickly resume business operations in the event of a cyber attack and to better protect themselves against potential attacks. The network sensitizes SMEs to IT security incidents and offers a range of free prevention and consulting services for Saxon companies.
_ _ _ _ _
Our conversation partner
Frauke Greven
Head of the Digital Agency Saxony (DiAS)
DIGITALAGENTUR SACHSEN | SAXON AGENCY FOR DIGITALISATION
Stauffenbergallee 24 | 01099 Dresden
T: +49 351 212495-54 | presse@digitalagentur.sachsen.de
_ _ _ _ _
This interview was conducted as part of NEXT “In the spotlight: Software”.
👉 To the complete issue of the magazine
