It could hardly be more complex: besides making sure there are effective measures in place to safeguard a system against attacks, a robust cyber security strategy also includes preparing suitable responses should an attack occur – not only to reduce damage to a minimum but also to get the systems up and running again as soon as possible. This is precisely what the REMONDIS IT Services team focuses on. Stephan Dahlmann, the person in charge of REMONDIS’ IT infrastructure, is well aware, however, that it is impossible to keep a system fully secure all of the time despite all their best efforts.
And the risk of an attack can come from a whole variety of people: professional criminals, disgruntled former employees and even foreign actors targeting a country’s critical infrastructure. Everything is conceivable – and practically all of it has happened in Germany at some time or other. There are various reasons why an attacker targets a particular company: blackmail, revenge and sabotage are just three possible motives. According to the BSI [Federal Office for Information Security], the risk of a company experiencing a cyberattack was greater in 2022 than ever before (The state of IT security in Germany 2022).
On top of this, it has become easier for cybercriminals to attack a company’s IT infrastructure; in fact, it has never been so easy. On the one hand, people with little knowledge of IT can now create websites with the aid of programs. On the other, software solutions for creating malware programs can be bought in the shadowy corners of the internet – full-service solutions so to speak that are offered by professionally organised groups and simply need to be activated. It is even possible to book additional services – such as a helpline for the victims being blackmailed.
Different kinds of malware can be deployed to attack an IT system, the most common one being the so-called Trojan horse. Trojans hide inside emails, downloads and flash drives and install themselves on a company’s IT system. They then attack the computer with three main goals in mind, often pursuing all three simultaneously: to encrypt the data on the company’s servers to extort money, to steal data to publish or sell it, and to block access to in-house applications or internet systems, such as online shops or clouds.
Flexible defence measures
REMONDIS has had its share of cyberattacks as well. So far though, these have only been isolated incidents that were identified and dealt with in good time. The familiar firewall for establishing a barrier between networks and the familiar antivirus software have long since evolved into a complex, multi-layered system designed to recognise and delete malware – not only by scanning incoming emails for known viruses but also by using applications to isolate and scrutinise suspicious emails. Such checks are generally performed so quickly that the emails drop into the user’s inbox without the user noticing a delay. This is in itself important as cyber security should not slow down a company’s operations.
In the past, it used to be quite easy to spot the phishing emails sent to steal passwords as they were dotted with spelling mistakes and had poor graphics. Unfortunately, that is rarely the case today. Recipients have to look at their emails more closely to check, for example, whether the sender’s address matches the name of the supposed sender. And criminals are putting more and more effort into making their messages more professional. They even do research before carrying out targeted attacks, finding out more about the individual people and their working environment in order to exploit human vulnerabilities. This is known as social engineering – creating credible messages to obtain passwords or smuggle malware into a system.
This is why Stephan Dahlmann believes that technology is just one of the cornerstones of a successful strategy. The employees in the company play a key role as well: “Some cyberattacks are so professional that even the very best technologies are unable to spot them. At the end of the day, what’s crucial is for the staff to be mindful and on their guard at all times, especially when it comes to their emails.” This is the reason, Dahlmann explained, why all REMONDIS employees are able to take part in training courses – some of them obligatory – to learn how to handle emails properly.
Every company should be prepared for the worst-case scenario. This includes having a secure data back-up strategy that enables business-relevant data to be accessed from a completely independent source and the affected IT systems to be restored in as short a time as possible. This strategy is documented in an emergency manual and sets out, for example, in what order tasks must be carried out to systematically restore the IT systems. Companies that only start to consider such priorities after an attack has happened will lose precious time and may well overlook important technical issues.
All in all, REMONDIS IT Services ensures that the highest security levels are in place. However, no system, Stephan Dahlmann stressed, is completely infallible. The methods of attack and the technology used by cybercriminals are simply changing far too quickly. Companies can only keep up with them if they constantly adjust their systems and processes. And, when all is said and done, it is always the employees that make the difference: at REMONDIS as in all other firms.
Three tips for users:
- Always be on your guard: Am I expecting an invoice to be sent to my business email address? Is the sender really who they claim to be? Get in touch with your IT contact person as soon as possible if you accidentally open a suspicious email or click on a suspicious link.
- Avoid using external data storage devices on your company computer (e.g. external flash drives or cloud storage space).
- Especially for managers and/or employees working in IT and accounting: Never forget that information on business platforms, like LinkedIn, can turn you into a potential target. Think very carefully about who can see what information.
Further useful tips can be found, for example, on the BSI’s website [Federal Office for Information Security] under ‘IT security incident / Citizens’.