Digital economic crime | Digital Economic Crime – @shutterstock | PR Image Factory
+++ 9,325 DDoS attacks in the 2nd quarter of 2018 +++ IT security cost driver +++ Dangers to the network come from the network +++ Dangers from the Internet are increasing +++ Employee security risk +++ Dangers to the Net come from the net +++ Data leaks in comparison +++
9,325 DDoS attacks in Q2 2018
The company of the same name counted 9,325 registered and fended off DDoS attacks on websites and servers in Germany, Austria and Switzerland (DACH) that are protected by Link11 in the second quarter of 2018. DDoS report, the attackers' focus was primarily on targets from the e-commerce, gaming, hosting/IT, finance and entertainment/media sectors. Taken together, all attacks lasted 1,221 hours. Since there is currently little representative and publicly accessible data on DDoS attacks in the DACH region, there is no way around surveys by specialized companies. “The data that we collect in our network enables important conclusions to be drawn about the threat situation in the DACH region, which is becoming increasingly complex. The publications are less about absolute numbers than about pointing out trends and new developments,” says Marc Wilczek from Link11.
Cost driver IT security
Hacker attacks can have fatal consequences for companies. If these companies represent an important part of the public infrastructure, hundreds of thousands of people can be affected by their outages. The IT Security Act from spring 2016 is intended to create minimum standards for IT security and ensure security of supply for the population. The first figures are now available on how much additional costs companies will incur as a result of the law.
As the Statista graphic shows, for most companies they amount to a five to six-figure amount. This emerges from a current study by the auditor KPMG . Above all, the development of the required IT structures in the company and employee training have an impact.
The law obliges companies whose systems have an important function for the German infrastructure, among other things, to report hacker attacks and to provide a direct contact person for the Federal Office for Security and Information Technology (BSI). So far, the law only affected the energy, IT and telecommunications as well as water and food sectors. From the middle of this year, the finance, transport and health sectors will also be subject to the regulation.
Dangers to the network come from the network
Digitalization is also making steady progress in the Swiss energy industry - and this may not be without negative consequences for security of supply. This is a result of the recently published Swiss electricity utility study by the consulting firm EY. According to this, 68 percent of the executives of power plants and energy suppliers surveyed rated the vulnerability of the power grids to hacker attacks as very high or high. Overall, only 11 percent see a low threat of power outages due to cyber attacks.
The survey also shows what has already been done for IT security in the electricity sector. 34 percent of companies have already installed an IT security officer and 28 percent have set up an information security management system. Other companies are still implementing or examining such measures, but for around half they are not an issue at all or they have not yet dealt with them. Alessandro Miolo from EY Switzerland finds words of warning: “For energy companies, cybercrime is now a risk just as big as natural disasters or fires. If more than two thirds of Swiss energy suppliers fear power outages due to cyber attacks, this shows the enormous need for action. The distribution networks and IT systems are often not up to date. The distribution network operators have to upgrade, and not just with regard to security.”
Dangers from the Internet are increasing
In 2016, 14,033 suspected cases of cybercrime were reported in Switzerland. This emerges from the annual report of the Federal Office of Police fedpol published last week. The number of reports increased by more than 20 percent compared to the previous year (11,570 cases). These are not legally concluded criminal cases, and changes can also be attributed to society's perception of cybercrime and the willingness to actively forward it to the authorities. Nevertheless, the significant increase in recent years also shows an increasing threat from criminal activities on the Internet.
The most frequently reported cases were cyber fraud, phishing (spying on account and credit card details) and malware (malicious programs such as viruses and Trojans). In this context, the Federal Office of Police particularly draws attention to the sharp increase in the spread of crypto ransomware. These programs encrypt the data on the infected computer and demand that the user pay money to unlock it again.
Employee safety risk
Digitalization offers companies enormous opportunities – but also risks. the current cyber security report from Deloitte, 83 percent of companies with more than 1,000 employees register attacks on their IT several times a month.
Above all, managers fear the costs that arise from repairing the damage caused. As the graphic from Statista shows, it is primarily the employees in companies that are seen as a risk. 75 percent of the managers and politicians surveyed cited the careless handling of data by employees as the biggest IT security leak. Hacker attacks come in second place with 50 percent of those surveyed. The use of mobile devices is the third largest risk factor.
Dangers to the network come from the network
Digitalization is also making steady progress in the Swiss energy industry - and this may not be without negative consequences for security of supply. This is a result of the recently published Swiss electricity utility study by the consulting firm EY. According to this, 68 percent of the executives of power plants and energy suppliers surveyed rated the vulnerability of the power grids to hacker attacks as very high or high. Overall, only 11 percent see a low threat of power outages due to cyber attacks.
The survey also shows what has already been done for IT security in the electricity sector. 34 percent of companies have already installed an IT security officer and 28 percent have set up an information security management system. Other companies are still implementing or examining such measures, but for around half they are not an issue at all or they have not yet dealt with them. Alessandro Miolo from EY Switzerland finds words of warning: “For energy companies, cybercrime is now a risk just as big as natural disasters or fires. If more than two thirds of Swiss energy suppliers fear power outages due to cyber attacks, this shows the enormous need for action. The distribution networks and IT systems are often not up to date. The distribution network operators have to upgrade, and not just with regard to security.”
Data leaks in comparison
Uber had data stolen from 57 million customers, including email addresses and phone numbers. Instead of notifying the authorities, the driving service provider paid the hackers $100,000 to delete the data - but it cannot be said with certainty whether this actually happened. With this incident, Uber joins the ranks of the major data thefts. The leader in this category is Yahoo. A hacker attack in 2013 affected all three billion user accounts. This means that no one is likely to challenge Yahoo's top position in the ranking of record data thefts any time soon. An exciting overview of hacker attacks in recent years can be found at informationisbeautiful.net .
Keep in touch
