The pace of digitisation is continually gaining speed, but unfortunately our entire culture of security has only partially kept up with the rapid development in virtual environments. The challenge we therefore face today is to become aware of the dangers of the digital revolution. We still devote too little attention to the dark side of the net even though cyber criminals have become more and more professional. Year after year, their labour-sharing methods and sophisticated attack scenarios are causing enormous damage to the economy. Each new technology push offers greater scope for attack to the structured and secret darknet which launches its subversive acts of economic crime or sabotage with the aim of political destabilisation.
The global cyber attack carried out by the ransomware “WannaCry” is one such example. It encrypted all data stored on the infected computers and would only decrypt it upon payment of a ransom. Austria got off relatively unscathed. According to the Federal Criminal Police Office (BK), only four companies were concerned.
CEO fraud is yet another line of attack. The perpetrators collect all types of information about the company they target and then impersonate, for example, the CEO to trick an employee into transferring large amounts of money abroad. In recent months criminals have used this method to loot several million euros, partly with severe consequences for the companies concerned or the employees that were tricked.
Given the serious nature of this topic, the motto of the Fabasoft TechSalon on June 27, 2017 was “Network and IT security: How to protect your organisation”. The panel discussion with the experts Dr. Wolfgang Schwabl, Cyber Security Officer at A1 Telekom Austria AG and DI (FH) Roland Supper, Head of Cyber Defense Center at sIT Solutions AT Spardat GmbH as well as Prof. DI Helmut Fallmann, member of the Managing Board of Fabasoft AG closely examined the various dangers that businesses are facing.
In his presentation on CEO fraud and cyber attacks, Dr. Schwabl pointed out that companies can fend off the majority of attacks with an “ABC of prevention”:
A: Anti-virus software – keeping it up to date
B: Backups – on a regular basis
C: Computers – running all updates (or deleting apps)
In the course of the exciting discussion that dealt with issues such as the DDoS attack on A1 Telekom AG early this year, fake email scams, CEO fraud or the very recent Petya attack (ransomware), DI (FH) Roland Supper stressed the importance of risk management. A clear analysis of potential future threats and their comprehensible presentation to executive boards and senior management are the best way to achieve the funding of adequate measures aimed at prevention and defence. He also stated the importance of “empowering” the Security Operations teams that need authorisation by day and night to take drastic measures such as taking a website offline or shutting particular systems down in the case of danger.
The discussion did not only focus on threats but also offered many important tips to the audience on how they can protect their companies. Dr. Schwabl, for example, introduced his interested listeners to an important source of information on online pitfalls and fraud attempts on the Internet: The Austrian platform https://www.watchlist-internet.at/ warns of current cases of fraud and gives tips for protection against popular scam tactics.
The event’s host Prof. DI Helmut Fallmann believes that the Austrian economy is still badly prepared for digital security and data protection. He also pointed out that businesses must accept that they have to invest in their digital future and their IT security. According to Fallmann it takes “more courage and speed right at the top – on the part of executive boards and senior management”. He continued by stating that on the technical level, Europe certainly possesses scientific competencies on cyber security. Businesses must now quickly implement these innovations in support of strengthened network security. He closed on the following words: “I see many opportunities to firstly manage our security issues while secondly making Europe the economic forerunner. I therefore recommend to all those who are responsible to be neither pessimistic nor optimistic, but DETERMINED!”