War in Ukraine and corona pandemic: increase in cyber attacks

class=”sc-29f61514-0 fQbOYE”>

Stolen data from federal networks at Xplain, DDoS attacks on the parliamentary website for the video appearance of Volodymyr Zelensky (45) and again and again private companies that have to more or less meekly announce that they have been hacked. Cyber ​​attacks are increasing by an average of 30 percent annually.

But why exactly? Blick spoke to cybersecurity experts and explains what the current waves of attacks are all about.

Pandemic and home office

The main reason for the attacks is the advancing digitization. More and more devices are internet-enabled and can be hacked. “For example, all internet-enabled washing machines have the same password, which can be found publicly on the internet,” says Lisa Fröhlich (43) of the German IT security company Link 11.

Another reason for the deluge of cyber-attacks in recent years is the “turbo digitization” triggered by the corona pandemic, she says. Within weeks, thousands of companies sent their employees home en masse. “This resulted in an incredibly large number of poorly secured networks and thus potential gateways for hackers,” says Fröhlich.

Added to this is the current geopolitical situation. “Cyber ​​attacks on companies can be aimed at extorting money or industrial espionage, but they can also be politically motivated and carried out by paramilitary groups,” says Alexander Hilpert (33), deputy CEO of Litecom AG. This is what happened when Russian attackers hit Switzerland with DDoS attacks to avenge Zelensky’s performance in front of parliament.

Companies underestimate the risk

The example of washing machines makes it clear that many companies underestimate the subject of cybersecurity. This has been shown by various studies. For example, IT security provider Kaspersky informed 258 companies last year that sensitive company data was for sale on the dark web.

“Only a third of companies responded adequately to the situation, while the majority wavered between ignorance, denial or helplessness,” Yuliya Novikova, head of Digital Footprint Intelligence, said at a recent event in Zurich.

There are several reasons for the negligence. On the one hand, the danger of a cyber attack is still diffuse and you only notice it when you become a victim. In addition, the subject is extremely technically demanding, especially as the attackers are constantly evolving their attack patterns, the experts say unanimously.

This is also apparent from the case of IT service provider Xplain. Sensitive federal data is being offered for sale on the dark web. This includes, for example, information on how Switzerland protects its embassies. The Swiss Federal Data Protection and Information Commissioner (FDPIC) is now investigating the company.

However, the technical possibilities to protect yourself against attacks are there. Prime examples of well-protected companies are banks and financial institutions. Surprisingly, they rarely fall victim to hackers, although there is a lot to be gained there. When attacks on banks work, it’s often because hackers gain access through service provider applications. This recently happened at Deutsche Bank.

Cyber ​​security is a process

100% security is an illusion. However, the example of the financial sector shows that effective protection is possible. “You can now reliably protect yourself against DDoS attacks, but it is always a matter of will and money,” says Fröhlich.

In a first step, the subject must be freed from taboos. You need to talk about it and exchange ideas. The number of such attacks is still unreported at 95 percent. A reporting obligation for companies could help with this. A corresponding draft is currently being considered by the Council of States.

Source:Blick