Myra’s monthly security highlights present IT decision-makers and security specialists with the most relevant topics from the world of cybersecurity. Hacker trends, defense strategies, and reports on cyber attacks, hacker campaigns, etc. are available here in a clearly laid out format.
Cyberattacks can have real consequences for each individual. According to the Bundeskriminalamt (BKA, German Federal Criminal Police Office), DDoS attacks on companies, critical infrastructure and government agencies last year showed just how dependent our analog lives have become on digital processes.

According to the BKA’s recently released “Bundeslagebild Cybercrime 2021” (a federal report on cybercrime), the number of cybercrime offenses increased by more than twelve percent year-on-year to a total of 146,363 cases – a new record. The actual number of offenses is likely to be many times higher, given that the police crime statistics represent only a fraction of all cases. The BKA says the number of unreported cases may be over 90 percent.

According to an international comparison by the specialist insurer Hiscox, German companies are the hardest hit financially by cybercrime. The analysis showed that while the average overall cost of damage from such attacks has risen internationally by 29 percent to just under €15,300, in Germany it is significantly higher at over €18,700. Experts in seven of the eight countries surveyed by Hiscox, including Germany, rank cyberattacks as the biggest threat to companies. Preventive protection of digital business processes against DDoS attacks and other cyber threats is therefore essential.

The top IT security topics in May 2022

IT security trends

BKA: Number of cybercrimes reaches new high

According to the “Bundeslagebild Cybercrime 2021” (a federal report on cybercrime), the German Federal Criminal Police Office (BKA) recorded more than 146,000 cybercrimes last year. That equates to twelve percent more than the previous year. In addition, according to the BKA, the number of unknown cases is very high because many cybercrimes go unreported.

Hiscox Report: Cybercrime particularly expensive for German businesses

The mean value of damage caused by attacks in Germany last year was $20,792, well above the international mean of $17,000. No other country included in the study recorded higher costs per company.

Verizon Report: Attacks on web applications and DDoS are most common attack types

According to the “Data Breach Investigations Report 2022”, most security incidents caused by external forces are due to denial-of-service attacks and attacks on web applications. The number of ransomware attacks increased by 13 percent compared to the previous year.

FBI: Cyber fraud caused at least $6.9 billion in damage worldwide in 2021

Last year, the FBI received nearly 850,000 reports – a new record. Phishing was by far the most frequently reported method of fraud, with almost 324,000 cases. The phishing subcategory Business Email Compromise (BEC) is particularly lucrative for attackers.

DsiN-Praxisreport reveals IT security deficit in German SMEs

According to a survey by the association “Deutschland sicher im Netz”, 64 percent of SMEs have not established any measures for detecting cyberattacks. Furthermore, over one third have no IT contingency plans. More than a quarter already use the support of external IT security service providers.

Cybercrime

DDoS attacks on websites of German ministries and authorities

A cybercrime group has called for targeted DDoS attacks on websites of state institutions. The websites of the federal and state police authorities, the German Bundestag, various ministries and Chancellor Olaf Scholz’s SPD website were among those affected.

Cyberattack on German car rental company causes disruption for customers

Despite early detection of “IT irregularities”, the attack resulted in some restrictions in telephone and e-mail communication. Some workflows had to be handled manually. According to Sixt, however, the website and apps were not affected by the outages.

Cyber extortionists attack research institute in Saxony-Anhalt

In the attack on the Fraunhofer Institute in Halle, the criminals apparently obtained research data, which they then offered for sale on the darknet. The attack was also accompanied by a ransom demand. As a precaution, all systems on site were disconnected from the Internet and shut down.

Insurance group hit by cyberattack on service provider

According to BGV, no customer data was leaked during the attack on the service provider Perbit, which took place in April, but data for current and former employees as well as applicants was obtained. The criminals are believed to have already sent fraudulent e-mails to some BGV employees.

Ransomware attack halts production for several days at agricultural machinery manufacturer

The attack disrupted worldwide operation of the U.S. company AGCO. The assembly lines of the German subsidiary Fendt in Allgäu were at a standstill for ten days. There was also data loss, the extent of which is still being assessed.

German email provider repeatedly hit by DDoS attacks

Posteo experienced service limitations in the course of attacks of “considerable magnitude”. The company itself spoke of “delays and limited accessibility”. In contrast to previous attacks, the latest attacks were not accompanied by any financial demands.

After ransomware attack: Costa Rica declares national state of emergency

The Conti malware infection has paralyzed several ministries and government agencies, some of which have been down for weeks. The country’s tax collection authorities are among those affected. In addition, the attackers have stolen hundreds of gigabytes of data records and posted them on the Internet.

Best practices, defense, and mitigation

Every day is a zero day – How banks protect themselves effectively from Log4Shell and Co.

Cybercriminals and scammers take advantage of exploits in the data architecture of financial companies. A well-known example is the Log4Shell vulnerability in the Java library Log4J. Learn where the biggest risks lie and how to protect against them.

U.S. puts $10 million bounty on members of Conti ransomware gang

The sum is being offered by the U.S. State Department for information leading to the identification or location of Conti’s key players. Up to another $5 million is available for information leading to the arrest and/or conviction of individuals who participated or attempted to participate in extortion using the Conti ransomware.

NIS-2 Directive: EU reaches agreement on new cybersecurity rules

Once adopted by the European Council and the European Parliament, NIS 2 will replace the current Network and Information Security Directive. Among other things, the proposal will tighten security requirements for companies, streamline reporting requirements and introduce harmonization of sanction regulations in the member states.

MITSicherheit.NRW: Sponsored project identifies numerous gateways for attacks on hospital IT

According to the two-year long project, many potential points of attack were due to faulty configurations in data communication with partner facilities or patients and have since been resolved. The study also contains recommendations on how clinics can increase their security level.

Botnet operator sentenced to four years in prison in the USA

The 28-year-old Ukrainian allegedly sold login credentials to IT systems on the darknet, having previously cracked them using botnet attacks. In doing so, he earned at least $82,648 between 2017 and 2019. This sum has now been seized.

Things to know

IT security and compliance – The new dream team

Cybercriminals and regulators alike are putting enterprise IT security strategies to the test. Learn how best to meet this dual challenge.

Data privacy debate around Census 2022: CDN alternatives from Germany

When looking for a suitable IT service provider, the first instinct is often to look across the pond, even though the use of U.S. providers can be problematic from the regulatory compliance perspective – especially with regard to GDPR compliance. In fact, many alternatives are available, also from Germany, which are legally sound.

Success story: IT security for BaFin-compliant crypto custody

IT security, data protection and comprehensive compliance are crucial for financial companies. Especially in the still relatively new crypto-asset and blockchain technology industries, financial institutions cannot afford to make any mistakes. For this reason, custody specialist Finoa relies on Myra’s protection services to secure its platform at application level comprehensively and in line with compliance requirements.

What are IP stressers/booters?

Illegal IP stresser or booter services can be used to launch DDoS attacks on websites, web applications, APIs, and IT infrastructures without any technical expertise and at little cost. Mitigating such traffic overload attacks is much more complex. This makes preventive DDoS protection all the more important.

What is a spam bot?

Spam bots are used for the mass, automated distribution of messages and comments on websites and social media. They can independently post spam on social media or forums, and even smuggle malware onto computers unnoticed. Learn how they work, how to recognize them and how to protect against them.

April 2022

IT security trends

PPI study: ICT risks are among the greatest challenges for banks

Well over half of the executives surveyed expect increased cyber attacks on their institution in the next two years. Preventive protection of data and IT infrastructures thus plays an important role. Nearly three-quarters of respondents are already outsourcing services to third-party providers.

Zero-day exploits reach an all-time high

Google’s Project Zero registered a total of 58 newly discovered vulnerabilities in 2021 that were actively exploited by attackers before a patch was available. The previous high from 2015 was 28 zero-day vulnerabilities. In 2020, 25 previously unknown exploits were discovered.

Lünendonk study: Financial service providers want to step up investment in cybersecurity

More than half of the banks, insurance companies, and asset managers surveyed by Lünendonk in collaboration with KPMG consider it likely that they will become the target of DDoS attacks. Budgets for preventive protection measures are expected to increase significantly.

BKA: Cybercrime up twelve percent year-on-year

In its 2021 crime statistics, the German Federal Criminal Police Office (BKA) reports a total of over 146,000 cybercrime cases. That means the number of offenses has doubled since 2015. The number of unreported cases is likely to be much higher because by no means are all digital attacks reported.

PwC study: FinTechs expect compliance requirements to rise

92 percent of startups in the finance and insurance industry expect compliance costs to increase further in the next three years. More than three-quarters of respondents see cyber and IT security and data protection as the biggest drivers of costs.

Cybercrime

Hamburg wind turbine manufacturer hit by cyber attack

As a result of the attack, the Nordex Group shut down the IT systems of several business units at various locations as a precautionary measure. In addition, alternative remote monitoring services had to be put in place for the turbine fleet. Turbine operation itself, however, is reported not to have been affected.

Cyber attack forces Palatinate pump manufacturer to halt production

KSB, a pump and valve manufacturer based in Frankenthal, Germany, had to shut down its servers and check for an infestation of malware as a result of the attack, which led to a global production stoppage that lasted around a week. The company has filed criminal charges.

Nasty Easter surprise: Cyber attack on IT company and municipal utility in Dillingen

On Easter Monday, an attack largely crippled the IT systems of Reitzner AG. Some customer systems were also affected, including those of the Donau-Stadtwerke Dillingen-Lauingen municipal utility. The supply of electricity and water as well as wastewater disposal, however, continued uninterrupted.

Ransomware attack paralyzes city administration in Rhine-Neckar district

Unknown perpetrators gained access to the IT system of the town of Schriesheim and encrypted their servers. This led to a breakdown in telephone and email communication, which largely shut down administrative operations. It is still unclear whether and to what extent data was leaked.

Borat remote access Trojan enables DDoS and ransomware attacks

The new modular attack tool has a number of features and is being offered on darknet marketplaces. Among other things, cybercriminals can use it to carry out DDoS attacks, infiltrate ransomware, and steal data to subsequently blackmail their targets.

Legoland Germany admits to data leak on reservation site

Several thousand customer records from the past seven years were publicly available. They contained the names, addresses, and travel periods of overnight guests at the amusement park in Günzburg, Bavaria. The mishap was apparently related to a new reservation system introduced about half a year ago.

Enemybot: New botnet exploits routers and IoT devices for DDoS attacks

The recently discovered malware uses the freely available source code of the Mirai and Gafgyt/Bashlite botnets. The Keksec group is believed to be behind the new hybrid variant. It exploits both old and newer vulnerabilities like Log4J to infect vulnerable devices.

Around 3,000 speeders go unpunished following ransomware attack

Due to an attack on its IT service provider in October 2021, the Ludwigslust-Parchim district administration was unable to conduct any motor vehicle registration checks. As a result, the fine proceedings could not be processed in time and have now had to be dropped.

Best practices, defense, and mitigation

Hydra Market: BKA takes world’s largest illegal darknet marketplace offline

As part of an internationally coordinated operation, the server infrastructure operated in Germany was seized and shut down. In addition, the German Federal Criminal Police Office (BKA) seized Bitcoin valued at around €23 million. In 2020 alone, the marketplace is said to have generated €1.23 billion in revenue.

FBI succeeds in striking a blow against the Cyclops Blink botnet

According to the FBI, the botnet was operated by Sandworm, a Russian nation-state threat group. The botnet used for acts of sabotage primarily consisted of compromised firewall and router appliances. The GRU, the Russian secret service, is said to have used them to control thousands of network devices.

“RaidForums”: Investigators shut down one of the world’s biggest cybercrime forums

According to Europol, the infrastructure was seized and the illegal marketplace was shut down as part of Operation TOURNIQUET. Police arrested the administrator of the forum and two other suspects. The platform traded in information for millions of bank account numbers, credit cards, and the usernames and associated passwords needed to access online accounts.

Things to know

Hackers use Spring4Shell exploit for remote code execution

Hackers are using the Spring4Shell vulnerability to inject malicious code onto vulnerable servers, posing the threat of major damage. Learn here how Myra protects against the new threat.

What is Mirai?

Mirai is malware that infects IoT devices running Linux and turns them into a botnet. Botnets of this kind are used by cybercriminals as tools to carry out such things as DDoS attacks, spam, phishing, and click fraud.

What is the OWASP Top 10?

The Open Web Application Security Project (OWASP), a non-profit organization, is dedicated to the security of applications and services on the internet. The most well-known project is the OWASP Top 10, a ranking of the greatest security risks for web applications.

What is Slowloris?

In a DDoS attack, system resources and network bandwidth are deliberately overloaded until the websites of the attack target only open up at a snail’s pace or are completely unavailable. The Slowloris attack tool only needs a single computer and minimal network resources.

March 2022

IT security trends

IBM report: Manufacturing the top attacked industry in 2021

According to the latest IBM X-Force Threat Intelligence Index, manufacturing accounts for 23 percent of all cyber attacks worldwide. In Germany, the share is as high as 31 percent. Ransomware and unpatched software vulnerabilities are among the biggest threats.

Study: Cyber defense and data protection are the biggest compliance challenges for banks

More than half (53 percent) of the financial institutions surveyed cite reducing or preventing cyber attacks and fraud as the biggest problem facing compliance departments. This is closely followed by the protection of sensitive data at 47 percent.

eco IT Security Survey: One in three companies have experienced damage from IT security incidents

The most frequent cause of damage continues to be ransomware, with a share of 21 percent. Website hacking and data theft come second with 18 percent each. 9 out of 10 of the IT security experts surveyed by eco expect the threat situation in Germany to worsen.

Bitkom survey: 8 out of 10 digital companies expect cyber threat situation to worsen

Almost one in five companies sees specific indications of increased attacks. One in three has ramped up its IT security measures in the short term. “All companies should definitely check their protection against cyber attacks and strengthen it where necessary,” recommends Bitkom President Achim Berg.

FBI report: Damage from cyber attacks in excess of $6.9 billion in 2021

Overall, the FBI received nearly 850,000 complaints from victims last year, a seven percent increase over 2020. Business email compromise (BEC), a form of phishing, caused the most damage at around $2.4 billion.

Cybercrime

Nvidia admits data leak after attack from Lapsus$ group

Cybercriminals stole 1 TB of internal information and the credentials of tens of thousands of employees of the US chipmaker giant. Shortly thereafter, 20 GB of the stolen data was leaked online. The attackers threatened further leaks if the company did not comply with their demands.

Lapsus$ cybercrime group leaks Samsung source code

The hackers penetrated the South Korean company’s IT infrastructure and reportedly stole 190 GB of security-related data. Later, they published software source code and algorithms for the biometric methods used to unlock Samsung smartphones.

After Nvidia and Samsung: Microsoft and Okta also confirm data theft by Lapsus$

According to Microsoft, the criminals accessed internal data via a compromised user account. At identity and access management service provider Okta, the attackers obtained access to the company network by hijacking the account of a member of its service provider’s support staff.

Digital attack cripples municipal administration in Thuringia

As a result of the attack on the IT systems, none of the offices in the Suhl city administration were able to work. Email communication was also down. The State Criminal Police Office of Thuringia has begun an investigation.

Technical university in Lower Franconia offline following cyber attack

In the wake of the attack, TU Aschaffenburg shut down all IT systems as a precaution. This preventive measure was intended to prevent data from being encrypted. As a result, teaching was only possible on site and offline.

Cyber attack on Worms-based logistics service provider

According to TST GmbH, which was the victim of the attack, all systems were immediately shut down automatically. Many work processes had to return to analog mode. The logistics company has not yet been able to quantify the actual damage caused. It is also still unclear who is behind the attack.

LockBit ransomware causes production stoppage at one of the world’s largest tire manufacturers

For security reasons, Bridgestone had to shut down its computer network and production in North and Central America for approx. one week. It was initially unclear what data had been leaked. As usual, the attackers threatened to leak the data online in order to extort a ransom.

Log4Shell exploits are now used primarily for DDoS botnets and cryptomining

Attackers now primarily exploit the critical vulnerability in the Java Log4J library to commandeer IoT devices and incorporate them into botnets that then launch DDoS attacks. They also misuse the computing power of hijacked devices to mine cryptocurrency.

Attack-related satellite network failure disrupts operation of German wind turbines

As a result of a digital attack, thousands of KA-SAT terminals belonging to operator Viasat failed in several European countries. In Germany, thousands of wind turbines were impacted. They were still running and generating electricity but could no longer be monitored and controlled remotely.

Cybercriminals ring the bells of St. Stephen’s Cathedral in Vienna

The attackers gained access to the cathedral’s IT system via a remote maintenance connection from the Innsbruck-based bell company. They then made the bells ring for around 20 minutes at around 2 am before the cathedral priest was able to intervene.

Criminals steal over $600 million in cryptocurrencies from blockchain game

By exploiting vulnerabilities in the payment processing of the NFT game “Axie Infinity,” attackers stole tens of thousands of units of ether and stablecoin. It is one of the largest crypto thefts reported to date.

Best practices, defense, and mitigation

Response to Ukraine war: EU member states set up emergency fund for cybersecurity

The additional EU funding will enable member states to upgrade their cybersecurity capabilities. Among other things, the aim is to strengthen the resilience of critical infrastructure operators, who are the primary targets in the event of conflict.

EU Commission presents proposal for new cybersecurity regulation

The objective of the new regulation is to increase cyber defense capability and establish uniform security measures for all EU institutions, entities and other bodies. As part of this, CERT-EU is to be renamed and given a stronger mandate and new resources.

Bitkom provides tips on IT security: “What companies should do now as a matter of urgency”

The industry association recommends, among other things, reviewing and, if necessary, strengthening existing protective measures, defining clear responsibilities, increasing awareness of cyber threats among employees, and preparing contingency plans.

U.S. Securities and Exchange Commission to require companies to report security incidents in a timely manner

In the future, companies in the United States will have to report major data protection and IT security incidents within four days. The SEC also wants them to report earlier previously undisclosed incidents and to provide insight into their cyber risk management plans in their financial reports.

Things to know

Fending off DDoS extortion: mailbox.org’s success story

Last fall, the mailbox.org email service was targeted by DDoS blackmailers. With the help of Myra Security, operator Heinlein Hosting was able to secure service availability without paying protection money.

Risks in BaFin’s Focus 2022: Supervisory authority wants to intensify dedicated IT audits

Cyber incidents pose a growing threat to the financial industry. BaFin is responding to this development with tighter IT controls and enforcement measures.

February 2022

IT security trends

BKA: Municipalities are increasingly being targeted by cybercriminals

According to the Federal Criminal Police Office (BKA), municipalities are being attacked with increasing frequency. Therefore, experts are calling for uniform IT security specifications and more investment by public institutions in securing IT. The federal states should provide more support in this area.

IBM report: Manufacturing industry is most vulnerable to cyber attacks

In Europe, one in four attacks targets the manufacturing sector, and in Germany, nearly one in three. Last year, the greatest threat to companies and their global supply chains came from ransomware and security vulnerabilities in software that was not patched in time.

LKA expert appeals to company bosses: “Please invest in IT security”

Torsten Seeberg from the Cybercrime Central Point of Contact (ZAC) at LKA Baden-Württemberg has called on companies to arm themselves against cyber attacks. His agency alone received 1,867 tips about possible attacks last year – and the number is rising. “Anyone can be impacted,” warns the expert.

Danger from ransomware: Security agencies warn of increasing professionalization

Authorities from the U.S., the U.K., and Australia are seeing an increasing division of labor among cybercriminals, who are continuing to expand their Ransomware-as-a-Service business and are now even offering their victims “24/7 support” to speed up ransom payments.

eco survey: German companies are investing more in cybersecurity

According to the Association of the Internet Industry, 54 percent of companies increased spending on IT security last year. Nearly a third reported losses due to IT security incidents in the past 12 months. The most common types of attack include cyber extortion and data theft.

Data Protection Report 2021: New peak in reported data breaches

Last year, the State Commissioner for Data Protection in Baden-Württemberg recorded a total of 3,136 reports. This is a more than 25% increase compared to the previous year and a clear indication that the IT infrastructure of government agencies and companies is increasingly under attack.

Two-thirds of healthcare organizations recorded “significant security incidents” in 2021

According to the HIMSS Healthcare Cybersecurity Survey 2021, healthcare organizations are suffering from tight budgets, aging infrastructure, and an increase in cyber attacks. More than half of respondents have increased spending on IT security, but it accounts for only six percent of the IT budget.

Ransomware gangs extorted to the tune of $600 million in cryptocurrencies in 2021

The actual amount is likely to be significantly higher due to the high number of unreported cases. According to research by Chainalysis, the Conti group alone netted more than $180 million. The ransom money paid rose to an average of $118,000 in 2021.

Cybercrime

Ukraine conflict: German security agencies warn of cyber attacks

Against the backdrop of the Ukraine crisis, the German Federal Office for Information Security (BSI) has called on operators of critical infrastructure in particular to strengthen their security precautions to defend against cyber attacks. The Federal Office for the Protection of the Constitution also warns of possible collateral damage in Germany.

DDoS attacks again take down Ukrainian government websites

Shortly before the start of the Russian attack on Ukraine, the websites of the parliament, the government, the Ministry of Foreign Affairs, and other state agencies were no longer accessible. Previously, there had been similar overload attacks on the websites of the Ministry of Defense and several banks.

Cyber attack on tank logistics company disrupts fuel supply in northern Germany

The attack on the IT systems of the Hamburg-based company Oiltanking led to the failure of its loading and unloading systems, leaving the supplier unable to provide fuel to service stations. 233 service stations, mainly in northern Germany, including those of the Shell petroleum group, were affected.

Belgian public prosecutor’s office investigates digital attacks on port facilities

The attacks hit several European ports and disrupted the unloading of ships, such as in Antwerp and Rotterdam. In the Netherlands, oil tankers and barges could no longer be handled due to disrupted terminals. Oil storage terminals in the two Benelux countries are also said to have been the target of attacks.

Ransomware extortionists attack Swiss airport service provider

The attack on the IT infrastructure of the Swissport service company caused temporary delays in flight operations at Zurich Airport. The BlackCat group is behind the blackmail attack. It has apparently also made off with data, which it is now offering for sale on the darknet.

Cybercriminals blackmail Hamburg waste management company

As a result of a ransomware attack, the email, telephone, and IT systems of Otto Dörner Group were taken offline. According to the company, business operations are continuing. The State Office of Criminal Investigations has launched an investigation. It is still unclear whether any data was leaked.

Portugal: Mobile telephony provider struggles with network outage following cyber attack

As a result of the attack on Vodafone Portugal’s infrastructure, cellular and cable TV services as well as SMS, voice, and voicemail services were only available to a limited extent or not at all. Even ATMs connected via LTE and emergency calls were partially disrupted.

Cyber attack disrupts global operations of US logistics company

Logistics behemoth Expeditors International was forced to shut down most of its systems as a precaution after a suspected extortion attack. This led to operational outages worldwide. The company now fears significant losses in sales and damage to its reputation.

Attackers disrupt online services of the Canadian Ministry of Foreign Affairs

According to the ministry, diplomats were no longer able to access selected services as a result of the attack. Other ministries were apparently not affected. According to the Canadian government, it is still unclear who is behind the attack.

Best practices, defense, and mitigation

ECB calls on banks to strengthen their defenses against cyber attacks

In light of the conflict between Russia and Ukraine, the ECB’s chief banking supervisor, Andrea Enria, warned of “a possible increase in attacks.” Banks should step up their efforts to protect themselves against cyber attacks, for example, by providing adequate training for their employees and looking for vulnerabilities in their services.

Federal Ministry of the Interior wants to expand BSI powers

At the 18th IT Security Congress, Federal Minister of the Interior Nancy Faeser announced that the Federal Office for Information Security (BSI) would become a “central office in the federal-state relationship.” Until now, the BSI has only been responsible for federal government agencies. It will be assuming a coordinating role in the future.

Find out more

 

BSI publishes new edition of its IT-Grundschutz (IT baseline protection) compendium

The 2022 edition includes seven new building blocks that cover, among other things, Kubernetes, containerization, systems management, technical building management, building automation, and remote maintenance in an industrial environment. In addition, the structure of the compendium has been streamlined.

Find out more

 

Chaos Computer Club tracks down more than 50 data leaks involving 6.4 million personal records

Security researchers from the Chaos Computer Club have found a total of more than 50 leaks from government institutions and companies in their search for data leaks. Most were due to easily avoidable errors. The researchers discovered over half of the records in open Git repositories.

Find out more

 

“Ransomware catalog of measures”: BSI provides overview of protective measures

The working paper is meant to help organizations prepare for a ransomware attack and presents the necessary preventive basics. It was created on the basis of experience gained by the BSI in handling ransomware cases. The catalog is intended for companies and government agencies.

Find out more

 

Things to know

Supervisory authorities step up data protection controls in the public sector

Data protection and GDPR compliance in the cloud are sensitive issues, not least for government agencies. EU supervisory authorities have launched a comprehensive investigation into cloud use in the public sector. The objective is to uncover and remedy any breaches of data protection.

Find out more

 

The 10 most significant cyber security trends for 2022

Financial institutions are popular targets for cybercriminals. When intensified cyber attacks encounter a growing virtual attack surface, the threat situation becomes critically acute. Banks and savings banks must prepare for ten attack patterns and IT security trends in 2022.

Find out more

 

Barbarians, knights, & cybercriminals: Entertaining time travel through centuries of attacks

The threats humankind faces have steadily changed and multiplied over time, right up to the present day, when we also have to deal with threats in the digital environment: cyber threats. This is highlighted by an innovative new awareness campaign from Myra Security.

Find out more

January 2022

IT security trends

Cyber incidents are the greatest risk to companies

Despite the ongoing pandemic and increasing burdens from the effects of climate change, cyber incidents are what pose the greatest risk to companies throughout the world. That is the conclusion of the current Allianz Risk Barometer 2022.

Find out more

 

Banks targeted by DDoS extortionists

In the financial sector, securing sensitive digital processes is a top priority. By outsourcing IT security to the cloud, financial entities can lower costs for their own infrastructure and experts. However, when using a SECaaS solution, it is crucial to choose the right service provider.

Find out more

 

Extortion attacks on financially strong companies on the rise

According to the Central Office for Cybercrime in Bamberg, ransomware attacks are increasingly targeting large companies because the criminals expect to reap greater returns from them. In 2021, for example, the electronics store chain MediaMarktSaturn was hit. Investigations are proving difficult.

Find out more

 

US security agencies warn of Russian cyber attacks on critical infrastructure

According to information from the FBI, CISA and NSA, state-sponsored advanced persistent threat actors are employing many different attack tactics, from spearphishing and brute-force attacks to malware. Businesses are being called upon to improve their monitoring and logging to detect threats early on.

Find out more

 

Saxony police see cybercrime on the rise

The Saxon police registered a total of 3,120 cybercrime cases in 2020, 465 more than in the previous year. However, Saxony’s interior minister assumes that the number of unreported cases is high because many companies are not reporting attacks for fear of damage to their trust and image.

Find out more

 

Report confirms that US intelligence agencies also have access to US company data stored in the EU

US authorities can compel American companies to divulge data even if it is stored on servers within the EU. This is the conclusion of an expert report prepared for the data protection conference of the German federal and state governments. According to the report, US intelligence law (Section 702, Foreign Intelligence Surveillance Act) is incompatible with the EU GDPR.

Find out more

 

Linux malware poses mounting threat

In 2021, the number of Linux malware programs grew by 35 percent compared with 2020. Nearly a quarter of the infections of Linux systems are attributable to the three largest malware families. They incorporate the IoT devices and systems under attack into botnets, which are then often used for DDoS attacks.

Find out more

 

Cybercrime

Defacement attack on Ukrainian government websites

In place of normal content, the websites being attacked featured a threatening message. Among others, the sites of the Cabinet, the Ministry of Foreign Affairs, the Ministry of Disaster Management, the Ministry of Energy and the Ministry of Education were impacted. Some had to be temporarily taken offline.

Find out more

 

Cyber attack on Red Cross leads to leak of data from over 500,000 “highly vulnerable” people

Unknown perpetrators targeted the servers of the International Committee of the Red Cross (ICRC). In the process, they accessed the information used for family reunifications and the Red Cross international search service. According to the organization, the attackers were “extremely sophisticated”.

Find out more

 

Federal Office for the Protection of the Constitution warns German companies against cyber attacks from China

The federal agency has “intelligence of an ongoing cyber espionage campaign by the APT27 cyber attack group”. The attackers are seeking to steal trade secrets and intellectual property. In addition, they could use supply chain attacks in an attempt to infiltrate the networks of customers and service providers.

Find out more

 

Criminals encrypt server of Thuringian accident insurer

As a consequence of the ransomware attack, business operations at Unfallkasse Thüringen are severely restricted. Online services such as seminar booking, digital accident reporting, and email communication are unavailable. Restoring the systems is expected to take until the beginning of February.

Find out more

 

“Threatening exceptional situation” following cyber attack on hospital association in Lake Constance district

Mainly impacted were the Friedrichshafen Hospital and the Tettnang Hospital of “Medizin Campus Bodensee”. Because the entire IT system was shut down as a precautionary measure, operations had to be canceled and emergency cases transferred to other hospitals. The authorities are investigating the matter on suspicion of attempted extortion.

Find out more

 

DDoS attacks on Münster University of Applied Sciences repeatedly lead to service outages

In addition to the university’s website and email server, the “FHexam” exam server was also affected by the traffic overload attacks. According to Münster UAS, the personal data of students, employees, or project partners was not at risk.

Find out more

 

Ransomware attackers extort school in Neubrandenburg

Criminals encrypted all of the data on the school server and demanded a ransom. According to the school administration, the information that was no longer accessible was mainly teacher-specific data such as lesson plans, but no grades or report cards.

Find out more

 

DDoS attack on online gamers causes online outages in Andorra

In order to disrupt participation in a Minecraft tournament, unknown suspects attacked the only Internet service provider of the tiny state. The DDoS attacks occurred in several waves and caused landline and mobile phone outages, some of which lasted for hours.

Find out more

 

FBI: Cybercriminals attack companies with malware-infested USB thumb drives

According to the FBI, packages containing the manipulated USB thumb drives, some of which were disguised as gifts, were sent to US companies in the transportation, insurance, and defense sectors. The attackers’ goal was to inject ransomware. Investigators suspect the notorious FIN7 cybercrime group to be behind the scam.

Find out more

 

Ransomware attack on government computers takes US prison offline

The security cameras and automatic door system at the prison in the US state of New Mexico failed as a result of the cyber attack. The worst off were the inmates, who were temporarily unable to leave their cells. In addition to the prison, other public facilities were also affected.

Find out more

 

Attackers disrupt online services of the Canadian Ministry of Foreign Affairs

According to the ministry, diplomats were no longer able to access selected services as a result of the attack. Other ministries were apparently not affected. According to the Canadian government, it is still unclear who is behind the attack.

Find out more

 

Best practices, defense, and mitigation

 

Vulnerability in Log4J: What you need to know – what to do

The critical “Log4Shell” vulnerability in the Java Log4J library enables attackers to inject malicious code on web servers and inflict massive damage. Learn what makes the vulnerability so dangerous and how you can protect yourself from Log4J-based attacks.

Find out more

 

EU Commission recommends universities take better protective measures against cyber attacks

Best practices cited by the commission include awareness training on data privacy and security, and the creation of contingency plans and lists of the greatest cyber risks. Due to their collaboration with the public and private sectors, research institutions are an attractive target for attackers.

Find out more

 

“MedISA” research project seeks to raise awareness of IT security and data protection among hospital staff

As part of the project, Bonn-Rhein-Sieg University of Applied Sciences will be developing a catalog of measures to effectively raise awareness of data protection and IT security in hospitals and medical practices. To do this, it is pursuing a “nudge” approach in which security issues are integrated into regular work processes.

Find out more

 

Russian intelligence arrests members of REvil ransomware group

At the request of the US, the Russian domestic intelligence service FSB has arrested several people and neutralized the cybercriminals’ infrastructure. During searches at 14 residential locations, the equivalent of 4.8 million euros was seized, some of it in cryptocurrencies. REvil is suspected to be behind the attack on the IT service provider Kaseya, among others.

Find out more

 

European investigators shut down VPN service used by cybercriminals

In a globally coordinated move, law enforcement agencies led by the Hanover police have taken a total of 15 VPNLab.net servers offline. Criminals have purportedly used them to communicate in encrypted form, spread malware, and carry out ransomware attacks.

Find out more

 

Things to know

What are the BAIT?

At the end of 2017, the German Federal Financial Supervisory Authority (BaFin) published the Supervisory Requirements for IT in Financial Institutions (Bankaufsichtliche Anforderungen an die IT, BAIT), a binding set of rules for safeguarding IT in the finance industry. The aim was to ensure the secure design of systems and processes and to create transparent governance.

Find out more

 

What is DNSSEC?

Domain Name System Security Extensions (DNSSEC) is a suite of extensions for the Domain Name System (DNS). They are used to prevent malicious manipulation when names are resolved to IP addresses.

Find out more

December 2021

IT security trends

Log4J vulnerability: internet on red alert

The critical Log4J vulnerability enables attackers to inject malicious code on web servers and inflict massive damage. Learn more about the current threat situation and how Myra can help with mitigation.

Find out more

 

ECB President: “Cyber attacks pose a systemic risk”

The President of the European Central Bank, Christine Lagarde, has warned of cyber attacks posing a systemic risk: Due to the advancing digitalization and networking in the financial sector, a cyber incident could quickly escalate from an operational disruption to a systemic crisis.

Find out more

 

Municipalities are increasingly being targeted by cybercriminals

Digital attacks on public institutions are becoming more frequent – in some cases with grave consequences for the provision of services to citizens. Municipal companies and administrations should therefore gear up for emergencies. The BSI recommends the use of a business continuity management system (BCMS) and regular training.

Find out more

 

Report: 200 percent increase in attacks on the healthcare system

According to NTT Ltd.’s 2021 Global Threat Intelligence Report, the number of cyber attacks in the healthcare sector tripled year-over-year in 2020. From October 2020 to January 2021 alone, approx. 45 percent more attacks against the healthcare sector were registered.

Find out more

 

HackerOne: Number of reported security vulnerabilities increases by over 20 percent

According to HackerOne’s latest “Hacker-Powered Security Report,” ethical hackers reported more than 66,000 verified vulnerabilities in 2021, up 21 percent from the previous year. The average time to remediate a flaw dropped 19 percent industry-wide to 26.7 days.

Find out more

 

IT security insurance: Policy requirements become more stringent

Due to increasing losses, insurers are tightening their criteria catalog and require, among other things, the establishment of a Security Operations Center (SOC). Those lacking the necessary resources for in-house operation should commission a third-party provider.

Find out more

 

Due to unlawful data transfer to the USA: German court prohibits use of Cookiebot

The Wiesbaden Administrative Court granted a petition for an injunction filed by a user who had complained that the consent manager was transferring data to a US cloud provider without his consent. If the ruling becomes legally binding, this could have far-reaching consequences.

Find out more

 

 

Cybercrime

Following the attack exploiting the Log4J vulnerability: Federal Fiscal Court temporarily shuts down website

According to the Federal Fiscal Court, the attack was successfully averted and stopped. Only the website was affected. The attackers did not gain access to the intranet or sensitive data from tax proceedings.

Find out more

 

Due to Log4Shell: gematik takes parts of the telematics infrastructure offline as a precautionary measure

Due to the critical vulnerability in the Java Log4J library, gematik was forced to disconnect some services of the telematics infrastructure from the internet as a preventive measure. The insurance master data management of some health insurance companies, for example, was put into maintenance mode to close the vulnerability.

Find out more

 

Ransomware attack on Koblenz-based healthcare software provider

Just over a month after medatixx, CompuGroup Medical (CGM) also became the target of a ransomware attack. The attack affected the availability of some internal systems such as email and telephone services. According to the company, customer systems and customer data, however, were not affected.

Find out more

 

Cyber attack forces Pirna municipal utility into emergency operation mode

During an attack on Stadtwerke Pirna, cybercriminals were able to encrypt some systems. This resulted in severe restrictions in accessibility and customer support services. However, according to the municipal utility, the security of supply was not at risk at any time.

Find out more

 

Server compromised: Hospital association in Bavaria forced to halt email communication

Cybercriminals infected the email server of the Bavarian Hospital Association (BKG) with malware and then used it to send out fake messages. The motives behind the attack are still unclear.

Find out more

 

Cyber attack disrupts business operations of Osnabrück logistics company

As a result of an attack, the global freight forwarder Hellmann cut all connections to the central data center as a precautionary measure. This created massive restrictions in the operational business. In many cases, “robust manual processes” were set up in order to continue processing orders.

Find out more

 

Criminals steal development data from Swedish car manufacturer

Attackers gained access to Volvo’s research and development data and made off with some of its intellectual property. According to the company, the breach could have an impact on business operations. Customer data, however, was not affected.

Find out more

 

British supermarket chain forced to temporarily close hundreds of stores following ransomware attack

Spar supermarkets were unable to process card payments or digital transactions via electronic wallets as a result of the attack. According to media reports, only stores in northern England were affected.

Find out more

 

Cyber attack partially takes down IT systems of Brazilian health ministry

As a result of the attack, it was no longer possible, for example, to retrieve information from the national vaccination program or issue digital vaccination certificates, according to Reuters. In addition, the government had to postpone the planned introduction of new health regulations for inbound travelers by one week.

Find out more

 

 

 

Best practices, defense, and mitigation

 

IT security in the financial sector: “Only institutions that understand cybersecurity as a process can be successful”

When the job is done, that’s it? What may still hold true for handicrafts may not (unfortunately) hold true for cybersecurity. In an interview with Bankingnews, Jan Wilde from Myra Security explains how banks can best meet the constantly changing regulatory requirements for systems and processes.

Find out more

 

“Traffic light coalition” wants more independence for the BSI

According to the coalition agreement, the German Federal Office for Information Security (BSI) will in the future be “positioned more independently and expanded as a central agency in the area of IT security.” Also planned are the promotion of digital sovereignty and the increased use of open source.

Find out more

 

Dozens of domains of APT15 cyber espionage group seized

The group, which is suspected of operating from China, is also known as Nickel, Mirage, or Vixen Panda. According to Microsoft, the domains that have now been taken offline were used to collect information from government agencies, think tanks, and human rights organizations.

Find out more

 

Criminal prosecutors strike a blow against illegal data traffickers in Ukraine

In several raids, 51 suspects were arrested for purportedly offering vast amounts of stolen personal data for sale on underground forums. According to the authorities, the stolen information came from over 300 million citizens in the EU, the USA, and Ukraine.

Find out more

 

Trier District Court imposes prison sentences on “cyber bunker” operator

The primary defendant was sentenced to five years and nine months in prison. Seven other defendants received shorter prison sentences. Together, they had handled illegal business transactions for criminal customers via a computer center in a bunker facility in Traben-Trarbach, including trafficking in drugs and counterfeit currency.

Find out more

 

 

Things to know

Myra app: New design enhances usability and functionality

The redesign of the Myra user interface, currently in development, improves usability and unifies the look and feel. It will also be easier to add additional features to the app in the future.

Find out more

 

Myra Security awards creative budget to Jung von Matt

Myra Security is working with Jung von Matt on a disruptive campaign that will go live in the first quarter of 2022. The goal is to raise greater awareness for the important topic of IT security.

Find out more

 

Light and shade surrounding DNSSEC

Almost every online service relies on the domain name system (DNS) for address resolution, and attacks on and via this service are consequently highly sensitive. However, the standardized DNSSEC procedure for securing DNS queries is far from being universally accepted and, at the same time, poses risks that should not be underestimated.

Find out more

November 2021

IT security trends

Europol: Corona pandemic fuels cybercrime

In its latest report, Europe’s law enforcement agency warns of an increase in cybercrime resulting from the accelerated pace of digitalization driven by the coronavirus pandemic. Europol sees organized blackmail attacks employing ransomware or DDoS against companies and public institutions as one of the greatest threats.

Find out more

 

Comeback of the “king of malware”: Emotet is back

At the beginning of the year, law enforcement agencies seized and dismantled Emotet’s infrastructure. The malware, which at times was considered one of the most destructive in the world, has now resurfaced. The BSI warns of renewed waves of large-scale Emotet spam.

Find out more

 

IDC study: German companies overestimate their capabilities when it comes to IT security

According to the report “Cybersecurity in Germany 2021,” two-thirds of respondents felt they would be able to deal with all future IT security threats without relying on external service providers. At the same time, however, 70 percent said they had already fallen victim to ransomware. 41 percent acknowledged data loss.

Find out more

 

Accenture: Majority of companies lack cyber resilience

55 percent of the more than 4,700 companies surveyed are unable to quickly identify cyber attacks, effectively combat them, or limit their impact in a short period of time. That is a key finding of Accenture’s “State of Cybersecurity Resilience 2021” report.

Find out more

 

Gartner: Management must take responsibility for IT security

According to global surveys conducted by the market research company Gartner, only a good 20 percent of the companies surveyed have assigned dedicated responsibilities for IT security at the top management level. In 85 percent of companies, the responsibility still lies with CIOs or CISOs.

Find out more

 

Digital blackmail: Allianz expects more attacks on supply chains and IT service providers

The industrial insurer Allianz Global Corporate & Specialty (AGCS) warns of a further increase in blackmail attacks. Companies that supply goods essential to the economy and society are especially at risk, as are IT service providers whose systems are connected to many customer networks.

Find out more

 

KBV warns of escalating attacks on IT in medical practices

Overall, the threat to IT systems in the healthcare sector is constantly increasing, says Thomas Kriedel, member of the board of the National Association of Statutory Health Insurance Physicians (KBV). Practices should therefore regularly review their security measures and compare them with the current IT security guideline.

Find out more

 

“BotenaGo”: New botnet malware hijacks routers and IoT devices

The malware uses over 30 exploits to install a backdoor on routers and IoT devices. It then waits for commands from botnet operators. Although parts of BotenaGo are similar to Mirai malware, security researchers believe it is a new family of malware.

Find out more

 

Cybercrime

Ransomware extortionists attack Europe’s largest electronics retailer

The attack impacted all national companies of the MediaMarktSaturn Group. In the stores, some services, such as merchandise returns, were only available to a limited extent. The blackmailers reportedly demanded a ransom of $50 million for unlocking the systems they encrypted.

Find out more

 

Thousands of medical practices affected: Ransomware attack on medical IT service provider

At the beginning of November, criminals encrypted the central systems of medatixx, severely restricting both accessibility and overall company operations. More than 20,000 medical practices were urged to change the passwords for their medical practice software, Windows, and TI connectors.

Find out more

 

Criminals send fake security alerts via compromised FBI server

Unknown subjects exploited a configuration error to gain access to a mail server belonging to the U.S. Federal Bureau of Investigation (FBI). They then sent fraudulent messages from an official FBI address. The hoax emails warned that an attack was being perpetrated on the recipients’ systems.

Find out more

 

Critical security vulnerabilities discovered: Office printers as a gateway for attackers

According to media reports, the vulnerabilities are present in over 150 HP multifunction printers. Attackers can exploit them to read print data or credentials and inject malicious code into the company network. Firmware updates are expected to resolve these issues.

Find out more

 

Cyber attack on Ahrensburg industrial camera manufacturer

According to the company, the attack on Basler AG caused “massive disruptions within the IT infrastructure,” which is why “all IT systems were immediately shut down in a controlled manner.” As a result of the attack, the stock market value of the SDax company temporarily plummeted by more than 50 million euros.

Find out more

 

Fake emails sent out: Cyber attackers hijack city of Sassnitz mail server

The criminals abused the municipality’s email system to spread malware. As a result, the mail server had to be temporarily shut down. No personal data is said to have been leaked. It appears to have been an automated attack.

Find out more

 

Ransomware attack cripples network of Nuremberg Institute of Technology

As a result of the attack, access to the mail system and university services was no longer possible. It took around three weeks to restore the systems. All of the university’s students and employees had to appear in person on campus to change their credentials.

Find out more

 

Filling up for less: A cyber attack on a Thuringia gas station results in bargain prices for gasoline and diesel

According to the police, unknown perpetrators gained access to the user portal for gas station operators and tampered with the fuel prices. For several hours, a liter of diesel cost only €0.20. The gas station operator sustained damage amounting to several thousand euros.

Find out more

 

Data breach at major domain registrar in the U.S.: 1.2 million customer records leaked

Attackers had access to GoDaddy’s servers for over two months. In addition to email addresses, usernames and passwords were also compromised. According to the company, current and former customers of GoDaddy’s WordPress hosting service were affected by the data theft.

Find out more

 

Roughly 7 million customers impacted: Data theft at U.S. financial services provider

Attackers used social engineering to gain access to Robinhood’s internal customer support systems. Among other things, they made off with email addresses and the full names of around a third of the customer base. However, no credit card or bank data is said to have been leaked.

Find out more

 

Unpatched GitLab servers abused to set up botnets

Attackers exploited a vulnerability in GitLab servers that had already been patched in April to integrate them into a botnet. They then used it to carry out large-volume DDoS attacks. At the beginning of November, only about half of the 60,000 GitLab servers connected to the internet had been patched.

Find out more

 

 

Best practices, defense, and mitigation

Operational resilience: BaFin puts even greater focus on cybersecurity

BaFin has set itself the goal of strengthening the operational resilience of the financial industry. An important part of this is the digital safeguarding of banks, insurance companies, and affiliated service providers.

Find out more

 

Saxony’s data protection commissioner: “Prevention is more effective and more important than ever before”

Companies should not wait until they become the victim of hacker attacks, says Andreas Schurig. Prevention is a sound and wise investment that pays off considerably in the event of an attack.

Find out more

 

BSI President: “Municipalities absolutely have to take cyber threats seriously”

Cases such as those in the Anhalt-Bitterfeld district, Schwerin, and Witten have shown “the serious repercussions of ransomware attacks,” says Arne Schönbohm. At the same time, the BSI president criticized the fact that his agency had no information on the totality of IT security incidents in municipalities.

Find out more

 

U.S. government offers reward in the millions for tips on ransomware group DarkSide

The U.S. government will pay up to $10 million for information identifying the leaders of DarkSide. Another $5 million is to be paid for tips leading to the capture of individuals involved in the group’s ransomware attacks. DarkSide is suspected of being behind the cyber attacks on Colonial Pipeline, among others.

Find out more

 

European investigators strike a blow against ransomware gang

After house searches conducted in several countries, a total of seven people were detained. They are allegedly responsible for approx. 7,000 ransomware attacks on companies, municipalities, hospitals, judicial authorities, and educational institutions. In the process, they extorted several million euros.

Find out more

 

 

Things to know

Five key takeaways from the 2021 SZ-Wirtschaftsgipfel

Whether Europe will still be at the forefront of the digital world in 2030 is up to us to decide. But to do so, we need to break new ground faster and more courageously with a can-do mentality.

Find out more

October 2021

IT security trends

Situation report on cyber security: BSI speaks of a “red alert”

Overall, the BSI classifies the threat situation in the reporting period as “tense to critical.” Digital blackmail is among the biggest threats. The number of newly identified malware variants rose by 22 percent year-on-year to a record level of around 144 million.

Find out more

 

A scalpel, not a shotgun: DDoS extortion with increasing precision

DDoS extortionists are increasingly targeting cash-rich companies in critical sectors such as finance and healthcare. Preventive protection for operational business is therefore crucial.

Find out more

 

Allianz expects increase in ransomware attacks on supply chains

In addition to physical supply chains and critical infrastructure, attackers are increasingly targeting IT service providers whose solutions are used by a large number of client companies. The criminals are hoping that these supply chain attacks will lead to a rapid spread of their ransomware.

Find out more

 

BaFin Executive Director: “IT security must be the top priority at every institution”

At the Federal Financial Supervisory Authority’s “IT Supervision at Banks” event, Raimund Röseler highlighted two areas for action: digital resilience and outsourcing. In the IT sector in particular it would be desirable from a security point of view for services to be provided by professionally prepared companies.

Find out more

 

Ernst & Young study: Companies see increasing risk from cyber attacks

Almost two-thirds (63 percent) of the 500 or so companies surveyed rate the risk of falling victim to digital attacks or data theft as “somewhat high” or “very high.” The greatest threat comes from organized crime gangs. The attackers primarily target high-revenue companies.

Find out more

 

New regulations: Hospitals must meet higher IT security requirements

From January 1, 2022 onwards, even smaller hospitals that are not classified as operators of critical infrastructure must protect their IT systems with appropriate technical and organizational security precautions in accordance with the “state of the art.” This is mandated by the Patient Data Protection Act (PDSG) and the newly enacted Section 75c of German Social Code Book V (SGB V).

“Digital Trust Insights 2022:” Cybersecurity threatened by complexity in companies

For around 80 percent of executives surveyed by PricewaterhouseCoopers, many cyber and data protection risks stem from their business processes and systems being unnecessarily complex. In terms of cyber risks in the supply chain, there are blind spots for around a third of them.

SolarWinds attackers at it again: New attacks by the “Nobelium” group

Microsoft says it has notified about 140 technology service providers since May of attacks on their IT infrastructure. Approximately one in ten attacks has been successful. The new wave of attacks is focusing on providers who set up and maintain cloud services for other companies.

Cybercrime

Cyber attack forces Wismar municipal utility into emergency operation mode

According to the utility, the IT systems for its service department were encrypted by unknown perpetrators. Employees were no longer able to access commercial, service, and customer data. However, the supply of electricity, gas, water, and heat was still uninterrupted.

Attack on municipal IT service providers: Administrations in Mecklenburg-Western Pomerania impacted

Kommunalservice Mecklenburg (KSM) and Schweriner IT- und Servicegesellschaft (SIS) were attacked with malware that encrypted data on their servers. As a result, all of their IT systems had to be shut down as a precautionary measure. There were considerable restrictions on services in the state capital Schwerin and in the district of Ludwigslust-Parchim.

“Professional attack” cripples Witten city administration

As a result of the attack, the entire computer system was shut down as a preventative measure. The administration was temporarily unavailable by email or telephone. Weeks after the attack, a large part of the city’s services continue to be restricted.

Automotive supplier forced to announce short-time work following cyber attack

According to media reports, a ransomware attack has largely knocked out Eberspächer’s IT systems worldwide. Administration and production were so severely disrupted that the company had to put the workforce at its headquarters in Esslingen on short-time work at short notice.

Dessau hospital taken offline following cyber attack

According to the hospital, the security vulnerability exploited by the attackers has since been closed. Patient care was at no time impaired. It is still unclear whether any data was leaked.

Attacks on mailbox.org and Posteo: DDoS blackmailers target email providers

Several email providers were hit by DDoS attacks involving demands for money. Posteo, mailbox.org, Runbox, Fastmail, Thexyz, and Guerilla Mail were among those affected. Owing to the attacks, some services without dedicated protection were accessible only to a limited extent.

Hack on cellular service provider: Attackers had access to billions of text messages for years

Cyber espionage: Remote-access Trojan targeted telecommunications and aerospace companies

Highly evolved “ShellClient” malware was apparently used for years by an Iranian-backed group going by the name of “MalKamak.” Targets included industry-leading companies in the U.S., the Middle East, Europe, and Russia. Complex obfuscation techniques prevented the Trojan from being detected by security systems for a prolonged period of time.

Massive data breach at Twitch streaming platform

Unknown suspects have published at least 125 gigabytes of internal data belonging to the Amazon subsidiary. This included Git repositories, source code, and an overview of the earnings of all Twitch streamers. Due to a misconfigured server, the data was temporarily accessible from the internet with no protection.

Best practices, defense, and mitigation

 

DDoS extortion in the name of “Cursed Patriarch”: Is a new attack campaign ramping up?

German companies are once again facing DDoS extortion. Learn what to watch out for in the event of an acute attack and how Myra protects your company from RDoS attacks.

Secure virtual meetings: BSI publishes minimum standard for video conferencing services

The standard lays out security requirements for planning, procuring, operating, and using suitably designed video conferencing products. It takes into account different operating models such as self-hosted and third-party hosted services. The aim is to create a defined minimum level of information security.

Law enforcement agencies take servers of ransomware gang REvil offline

Information obtained by Reuters reveals that U.S. law enforcement agencies, together with foreign partners, recently hacked REvil’s technical infrastructure. Since then, the group’s website has been offline. This success has not yet been confirmed by official channels.

Things to know

ISO 27001 based on IT-Grundschutz (IT baseline protection): Myra renews strict BSI certification

BSI-approved: with re-certification according to ISO 27001 based on IT-Grundschutz (IT baseline protection), Myra has once again demonstrated its successful implementation of demanding measures for the protection of corporate IT.

September 2021

IT-Security-Trends

Using cybersecurity as a competitive advantage

It’s no secret that the digital systems of banks are heavily reliant on security. The special value of data records and business processes requires the highest standards of protection. This need can be largely met by implementing cybersecurity solutions. With the right strategy, an investment in digital protection pays off many times over.

Politics in the digital crosshairs: How can we protect the German federal elections?

“The security agencies in Germany are gearing up for disruptions and disinformation campaigns for the Bundestag elections,” is how Arne Schönbohm, President of the Federal Office for Information Security (BSI), outlines the situation. The reality we are confronted with in this election year is that cyber attacks on parties and politicians have been increasing on a massive scale.

EU Commission: Improved regulatory framework for the IoT

In her State of the Union address, Commission President Ursula von der Leyen announced extensive security measures aimed in particular at securing the IoT. Among other things, uniform cybersecurity standards and measures for the early detection of attacks are to be defined.

Public sector is particularly threatened by encrypting ransomware

A recent study by security researchers found that ransomware now accounts for 69% of all attacks that use malware. The public sector is the most commonly targeted, followed by healthcare, manufacturing, and industrial companies.

From bad bots to ransomware: the biggest cyber risks for the healthcare industry

Due to the ongoing digitization of the healthcare sector, systematic protection against cyber risks is becoming increasingly costly. Nevertheless, healthcare companies cannot afford to be weak in this area. Criminals ruthlessly exploit vulnerabilities in critical systems and this is where IT security saves lives.

Number of zero-day exploits rises to record level in 2021

At least 66 such attacks have already been discovered this year, exploiting vulnerabilities for which no patch is yet available. This means that the number of zero-day exploits has almost doubled over 2020. This is due both to the growing exploit industry and to improved detection methods.

Cybercrime

Cybercriminals infiltrate UN computer network

Criminals breached the United Nations computer networks earlier this year and stole data that could be used to attack UN facilities. The attackers presumably entered the network using credentials stolen from UN employees, which they procured on the dark web.

Ransomware & data breach: airline warns customers

Following a ransomware attack, Thai carrier Bangkok Airways fell victim to a data breach in which sensitive data of air travelers was accessed. The airline is warning its customers of an increased risk of phishing.

Over 250,000 devices: Mēris botnet targets Russian internet company

For days, the infrastructure of Russian internet company Yandex was bombarded with requests by the so-called Mēris botnet. The DDoS attack is said to have been the largest of its kind on the RuNet to date.

Phishing: German politicians on the hit list

German politicians are the target of a wide-ranging phishing campaign that has been underway for several months. Using fake emails, the attackers seek to capture sensitive login credentials of federal and state parliamentarians. The German government blames Russia for the attacks, and the Federal Public Prosecutor General is investigating.

Data leak at French shipping company

A cyber attack resulted in a data breach at CMA CGM in which sensitive customer data was leaked. Only last year, the French shipping company was impacted by a serious ransomware attack that took down the company’s systems for an extended period of time.

Hospital group forced to take IT systems offline after cyber attack

Among others, hospitals and educational institutions belonging to SRH Holding in Baden-Württemberg were affected. For security reasons, they temporarily reverted to analog operations using pen and paper. The State Office of Criminal Investigations has launched an investigation.

Best practices, defense, and mitigation

FBI advises on ransomware prevention

U.S. security authorities have identified an increased risk potential for ransomware attacks at companies in the food and agriculture industries. In order to protect critical supply chains from disruptions, affected companies should implement appropriate protective measures.

BrakTooth: Bluetooth vulnerabilities put smartphones, tablets, notebooks, and IoT devices at risk

Security researchers have discovered a number of security vulnerabilities in the Bluetooth software of many well-known vendors. Devices from chip manufacturers such as Intel, Qualcomm, Texas Instruments, Infineon (Cypress), and Silicon Labs are affected. Among other things, the vulnerabilities can be exploited by cybercriminals to disable Bluetooth devices within radio range or to execute malicious code on the systems.

Connected car: BSI advocates cybersecurity standards

The German Federal Office for Information Security (BSI) spoke out in favor of uniform standards for securing networked vehicles at the IAA Mobility auto show. “When cars are networked with other cars or with the road infrastructure, we need to know that we are protected from attempts by third parties to tamper with them while driving,” said BSI President Arne Schönbohm, explaining the threat situation.

Things to know

What is an e-prescription?

Making bank transfers, placing orders or, for example, submitting tax returns—many things in everyday life are now done online. Doctor’s prescriptions will also be a part of this in the near future.

What is an HTTP flood attack?

An HTTP or HTTPS flood is a form of distributed denial of service (DDoS) attack that attempts to overload a web server or web application with a flood of HTTP/S requests. Such DDoS attacks on the application layer are among the most common forms of attacks today.

August 2021

IT-Security-Trends

 

223 billion euros in damage caused by cyber attacks – why the number of unreported cases is much higher

When critical infrastructure is attacked, the actual damage is far greater and all of us are potentially impacted. That is why the protection of critical infrastructure plays a crucial role for the well-being of us all.

Cyber incidents are the greatest risk to the financial sector

Almost half of the industry representatives surveyed by Allianz Global Corporate & Specialty (AGCS) see this as the greatest threat. Increasing compliance challenges due to stricter regulation are also a concern for financial entities.

Attacks on IIoT platforms in healthcare on the rise

Among other things, magnetic resonance imaging (MRI), computed tomography (CT), and medical devices for remote patient monitoring are affected. Nearly 60 percent of IT decision-makers rate the current threat situation with regard to cyber attacks as “high.”

Critical infrastructure working group: IT infrastructure in Germany is “extremely vulnerable”

Smaller companies, organizations, and municipalities in particular are often inadequately protected against digital attacks. At the same time, attackers are acting more professionally and increasingly targeting critical infrastructure.

IBM report: Average cost of data breaches rises to a record $4.24 million

German companies are in fact above the global average, with costs of $4.84 million per data breach. Identifying and containing a breach takes an average of 151 days in this country.

Billions of euros in damage from attacks on remote workplaces

According to calculations by the Institut der deutschen Wirtschaft (German Economic Institute), companies in Germany incurred losses of 52.5 billion euros last year as a result of attacks on remote workstations. The number of unreported cases is likely much higher.

Cybercrime

 

Cyber extortionists attack savings banks association

The attack was carried out via the email system, which subsequently had to be completely shut down. The IT systems of the member savings banks and the IT service provider were not affected.

Cyber attack cripples Italian vaccination portal

The attack on the official website of the central Italian region of Lazio made the booking portal for COVID vaccination appointments unavailable for days. It is unclear who is behind the attack.

Attacker steals over $610 million in cryptocurrencies – and then returns them

The attack on the Poly Network platform is considered the largest theft of cryptocurrencies to date. Around two weeks later, the entire haul was transferred back. As a “thank you,” the hacker received roughly USD 500,000 and a job offer as a security consultant.

Massive data breach at T-Mobile US

Unknown attackers gained access to customer data of Deutsche Telekom’s U.S. subsidiary. They stole millions of records containing, among other things, names, phone numbers, addresses, and social security numbers.

Criminals blackmail IT consulting firm Accenture

During the attack, around 2,500 computers were allegedly encrypted with LockBit ransomware. Accenture was able to restore the affected systems using backups. However, the blackmailers threatened to publish the stolen data.

Fight against cyber attacks: Amazon, Google, and Microsoft cooperate with US government

The Joint Cyber Defense Collaborative (JCDC) initiative will pool the expertise and resources of the government and the private sector to defend against cyber attacks. The initial focus will be on combating ransomware.

Best practices, defense, and mitigation

 

The lessons from the cyber disaster in Anhalt-Bitterfeld

For maximum security, government agencies and municipalities should review and adapt existing protective measures. Specialized service providers can help with this.

Convenience and data security for e-health are compatible

Combining convenience with certified data security will increase the acceptance of e-health products and services. Experienced specialist service providers can help by lending their expertise.

“Smart Hospitals” project: Guidelines for practicable IT protection in hospitals

The updated catalog of measures from the CODE research institute at the Universität der Bundeswehr (University of the German Armed Forces) describes around 40 technical and organizational measures that are based on the state of the art and specifically targeted at hospitals.

Things to know

 

BaFin amends MaRisk and BAIT: Higher compliance requirements for banks

Cybersecurity is becoming an even greater focus of supervisory attention. Institutions must prepare for new or more specific regulations related to outsourcing, contingency management, and effectiveness controls.

July 2021

IT-Security-Trends

 

Critical infrastructure operators remain the focus of attacks: Myra Security spreads the warning of the Fancy Lazarus attack campaign

A group of hackers that goes by the name of Fancy Lazarus has been blackmailing companies in the telecommunications, health, and finance sectors for weeks now. The attacks on such critical infrastructures are extremely dangerous.

KPMG: IT security gives banks a decisive competitive advantage

Many financial institutions still have some catching up to do when it comes to IT security. IT security forms the basis for new digital business models, which in turn create opportunities for further growth.

Cybercriminals increasingly exploit zero-day vulnerabilities

This year alone, Google’s Project Zero has uncovered 33 previously unknown vulnerabilities that have been actively abused to perpetrate attacks. This corresponds to a 50-percent increase compared to the previous year.

German actors are identified as having serious IT security deficiencies

When investigating the IT systems of major German actors, security researchers from the Fraunhofer Society discovered “numerous serious weaknesses.” These made it possible to intercept emails as well as access, delete, or otherwise manipulate data.

Passing a security audit, e-prescriptions get the green light from the BSI

Now that the BSI has approved it, nothing stands in the way of releasing the e-prescription app on the popular mobile app stores. Having completed a regional test phase, the e-prescription will be introduced nationwide in the fourth quarter of 2021.

Cybercrime

 

Cyber attack on Kaseya: Up to 1,500 companies around the world affected

Criminals infected the systems of IT service providers and their customers with ransomware via a zero-day vulnerability in Kaseya’s remote maintenance software. They asked for USD 70 million in Bitcoin in exchange for the decryption key.

An administration paralyzed: Ransomware attack triggers the first nationwide declaration of a cyber state of emergency

As a result of the attack, the Administration of the District of Anhalt-Bitterfeld was no longer able to function. For example, it could no longer pay out social security benefits. The district administrator declared a state of emergency to facilitate a swifter response.

Cyber extortionists attack a hospital in Lower Saxony

After an attack, the Wolfenbüttel Hospital was forced to shut down its IT systems as a defensive precaution and conduct its paperwork manually in the meantime. However, the hospital reported that the attack did not interfere with the provision of medical care.

“PrintNightmare”: Cybercriminals actively exploit printer vulnerabilities in Windows

A vulnerability in the Windows print spooler that is classified as critical allows attackers to take control of vulnerable systems remotely. Microsoft has since published a patch that should be installed as soon as possible.

Data theft from a Hessian insurance company

A cyber attack massively disrupted the business operations of the insurance company Haftpflichtkasse. The IT systems had to be taken offline temporarily. It is still being determined which data in particular was compromised.

E-commerce platform operator admits data leak

Cybercriminals have gained access to contract and address data belonging to customers, partners, employees, and external service providers at the Spread Group. Password hashes as well as bank details and PayPal addresses were also tapped.

Cyber attack on British railway company paralyzes digital ticket machines

The reason for the days-long failure of the more than 600 touchscreen devices was a suspected ransomware attack on the operating company’s server. As a result, passengers were forced to reserve their tickets online and pick them up at the counter.

Security authorities warn of global brute force attacks by Russian hacking group

According to reports by government agencies, the campaign aims to crack login data and then skim off data. All types of companies and organizations are affected, from governments to energy companies and universities.

Best practices, defense, and mitigation

 

Qualified DDoS protection: Myra fulfills all 37 BSI requirements

The German Federal Office for Information Security (BSI) has updated its overview of qualified DDoS mitigation service providers. Myra Security is once again listed as one of the leading providers that fulfills all 37 performance criteria.

“Fancy Lazarus”: What to do in the event of an attack

The activities of DDoS extortionists in the DACH region continue to increase significantly. Learn what to watch out for in the event of an acute attack and how Myra protects your company from RDoS attacks.

German medium-sized companies are not adequately prepared for cyber threats

According to a Forsa survey commissioned by the German Insurance Association (GDV), half of these companies have no plan for how to deal with cyber attacks. As a result, companies react too slowly in the event of an attack and risk incurring serious damage.

Adapting to the intensified threat situation, BSI conducts an extensive hiring campaign

According to Federal Interior Minister Horst Seehofer, the BSI is currently doubling its staff. “And this process will and must continue, because crime in cyberspace is an ever increasing problem.” Not only is this the greatest challenge of the next few years, it is the agency’s biggest priority, period.

Things to know

 

A disruption targeting Internet service providers causes many websites to fail

Due to a problem with Akamai’s Edge DNS service, numerous websites became unreachable for up to an hour. The global outage affected financial and logistics companies, airlines, e-commerce providers, and news portals, among others.

What are DiGA?

Digital health applications (DiGA) are virtual medical products that are available as apps for mobile devices or as browser applications. The prescription apps are used for self-diagnosis, as electronic diaries for diabetics and medication plans, as well as in other areas. The solutions require a prescription and must be approved by the Federal Institute for Drugs and Medical Devices (BfArM).

June 2021

IT-Security-Trends

 

Security vulnerabilities in health apps:

According to a study by the German Federal Office for Information Security (BSI), many health apps for smartphones and tablets are not adequately protected against the threat of cyber attacks.

Coronavirus test centers: Serious IT security concerns:

The “Zerforschung” hacker collective was able to retrieve thousands of personal data records from an operator’s 34 test centers with little effort. The data includes test results, names, addresses as well as the ID numbers of the individuals tested.

Cloud Monitor 2021: Enterprises demand performance, security and compliance:

There is a suitable cloud solution for practically every application scenario these days. When choosing a cloud service provider, companies pay close attention to the performance of the service, data security and compliance with existing data protection regulations.

Problems at cloud service provider cause worldwide outages:

As a result of technical problems at the cloud service provider Fastly, many popular web portals were inaccessible for around an hour on June 8. In addition to the British government’s website, the news sites of Le Monde, the New York Times, the Financial Times, the Guardian, CNN and the BBC also briefly went offline.

Cybercriminals have no honor among thieves:

Recent studies of ransomware confirm the warnings of security experts not to give in to the demands of criminals in the event of an attack. In 45 percent of all cases investigated, the affected data could not be decrypted, or could be only partially decrypted, despite the ransom having been paid.

Cybercrime

 

 

DDoS attack cripples online banking:

A series of DDoS attacks on an IT service provider of Volks- und Raiffeisenbanken led to extended disruptions to online banking. Other institutions connected to the service provider, such as some Sparda banks and private financial institutions, were also affected by the attacks.

Ransomware brings food processor to its knees:

American meat packing company JBS Foods was forced to give in to the demands of cybercriminals. The company paid the equivalent of USD 11 million to regain access to its encrypted data. As a result of the attack, operational disruptions occurred at several sites around the world.

More than 100 government agencies hit by ransomware attacks:

According to a survey by BR and Zeit Online, in most cases cyber extortionists managed to penetrate the IT systems of government offices, state-owned hospitals, government agencies, municipalities and courts and encrypt data. The total number of attacks is likely to be significantly higher.

VW data breach affects more than 3 million U.S. customers:

Cybercriminals stole the personal information of approx. 3.3 million VW and Audi customers in the USA and Canada. Some of this included sensitive data such as US social security and bank account numbers.

Hit job on the darknet:

A 41-year-old woman from Dresden allegedly arranged a murder for hire on the darknet for 0.2 bitcoin (the equivalent of about EUR 8,000 at the exchange rate at the time). According to media reports, the target was the 23-year-old girlfriend of her estranged husband. As part of an investigation, journalists from Der Spiegel learned of the hit job and notified authorities. The accused must now stand trial for incitement to murder. She faces a prison sentence of up to 15 years.

Things to know

 

EU planning special unit for cybersecurity:

The EU Commission wants to set up a cybersecurity unit to counter the increasing threat posed by hacker attacks. Specialized teams will provide on-site assistance in member states to defend against attacks in the future. The cyber unit is scheduled to be formed by mid-2022. Prior to this, EU member states must approve the planned concept.

Responding to automated attacks with self-learning defenses:

An increasing number of companies are turning to self-learning security systems to respond to the growing threat of AI-based cyber attacks. According to a Capterra study, smart defense systems are already in use by 36 percent of the IT managers surveyed, and another 44 percent are interested in adopting such systems.

Things to know

 

Myra demonstrates competence in critical infrastructure: Audit confirms the highest security standards:

Myra has successfully undergone a voluntary security audit of the critical infrastructure sectors of information technology and telecommunications as well as finance and insurance in accordance with Section 8a of the BSI Act (BSIG).

Close cooperation with BSI: Myra contributes expertise to cyber security alliance:

As a new ACS partner, Myra is committed to improving digital security in Germany. Together, we want to sensitize companies and raise awareness about the topic.

#WTI21: Cybersecurity is the new Made in Germany:

At the German Economic Council’s Day of Innovations, the head of the BSI, Arne Schönbohm, spoke with Myra CEO Paul Kaffsack about cybersecurity as a driver of innovation for Germany. Where do we stand and what do we need for global success?

Digital bank heists: Bonnie and Clyde would be hackers today:

Digitization is creating new attack surfaces for cybercriminals and scammers in the financial industry. Banks have to continuously adapt to new vectors and methods of attack to protect their digital assets.

What is edge computing?

In IT, edge computing is the processing of data at the network edge. The technology is a distributed computing paradigm that takes a decentralized approach. Instead of sending data from devices to central systems or the cloud for processing, edge computing processes the information where it is needed – at the edge of the network.

May 2021

IT-Security-Trends

 

Verizon report: attacks on web applications on the rise:

According to Verizon’s latest Data Breach Investigations Report, attacks on web applications are the second most common type of attack after DDoS. The number of phishing and ransomware attacks increased by 11 and 6 percent, respectively, year over year.

Allianz: cyber incidents are the greatest risk to the financial industry:

According to an analysis by Allianz Global Corporate & Specialty, cyber attacks, system failures, and data breaches are the most common causes of damage. Together, they account for twelve percent of all losses in the past five years, totaling around 870 million euros.

Three-quarters of all financial institutions have seen more cyber attacks since the pandemic began:

On average, the increase was 29 percent, according to the “COVID Crime Index” from BAE Systems. In particular, attacks employing botnets, ransomware, and phishing increased significantly. Despite the heightened threat situation, security budgets were cut by 26 percent.

New regulation provides for stricter security requirements for certain operators of critical infrastructure:

According to a draft reform by the German Federal Ministry of the Interior, around 270 new companies will fall under the new critical infrastructure regulation, primarily power producers. In the future, they will have to meet special reporting and certification requirements and comply with minimum standards.

HP report: remote work increases cybersecurity risks:

Two-thirds of office workers from Germany also use their work device for private purposes when working from home. 16 percent even let family members or friends use it. As a result, 54 percent of IT decision-makers registered a higher number of phishing attacks and malware infections.

Cybercrime

 

 

Cybercriminals extort millions in ransom from largest U.S. pipeline operator:

As a result of a ransomware attack, Colonial Pipeline had to temporarily shut down operation of its main pipeline completely. This caused shortages in fuel supplies in the eastern USA for days on end. The operator ultimately gave in and paid a ransom of $4.4 million.

Ransomware attack hits Irish health service HSE:

The precautionary shutdown of key IT systems had a serious impact on healthcare. For example, networked hospitals were unable to access patient data. The Irish government declared that it would not be paying a ransom.

AXA insurance group targeted by ransomware attackers:

Shortly after AXA announced a partial exit from the ransomware insurance business, several of its locations in Asia became targets themselves. The cybercriminals are threatening to publish stolen customer data if AXA does not comply with their ransom demand.

Federal Criminal Police Office (BKA) situation report: cybercrime continues to rise:

The number of cybercrime cases recorded by the Federal Criminal Police Office rose by approx. eight percent to over 108,000 last year, meaning that the authority registered more than twice as many cybercrimes as in 2015. Most recently, vaccination portals and the vaccine supply chain were targeted by cybercriminals.

DDoS attack cripples websites and services of numerous Belgian government agencies:

About 200 state organizations were affected by the massive attack on Belnet, the internet service provider, including public administrations, ministries, universities, research institutes, and hospitals.

Things to know

 

Convenience and data security for e-health are compatible:

E-health services such as electronic patient records and e-prescriptions are provided on a voluntary basis. Their acceptance depends to a large extent on trustworthiness and convenience. Digital data protection and security measures are therefore essential, but solutions must also offer a high level of convenience and performance. These apparent contradictions are compatible.

BSI president sees risk for hospitals:

In an interview with Die Zeit, the head of the German Federal Office for Information Security (BSI), Arne Schönbohm, and BSI expert Dirk Häger explained the digital threat situation in Germany. In their estimation, the risk posed by cyber incidents is also increasing for critical infrastructure. Attackers are increasingly employing complex attack patterns and the number of attacks is rising.

IT security creates a foundation of trust for e-health solutions:

In the healthcare sector, digital solutions are increasingly being used in administration, diagnostics, and treatment. Security and data protection are given top priority in order to promote social acceptance of e-health.

Financial regulator steps up controls on IT and cybersecurity:

In light of advancing digitalization, cyber risks are becoming an even greater focus for the German Federal Financial Supervisory Authority (BaFin). The supervisory authority is paying particular attention to the outsourcing of IT services.

EU cloud: 5 reasons why GAIA-X is so important for Europe:

GAIA-X is intended to promote cloud computing on a European level as a hybrid data platform. More than 350 companies and organizations are involved in setting up the lighthouse project—and for good reasons.

What is IT compliance?

IT compliance describes adherence to legal, internal, or contractually prescribed requirements for the IT of an organization. These comprise various requirements for IT security, data protection, availability, and integrity that apply to systems and processes.

What is open source?

Open source generally refers to software whose source code is freely available and can be viewed by independent third parties. Depending on the underlying open source license, it can also be used, changed, and redistributed more or less freely. However, no license fees may be charged.

April 2021

IT security trends

 

 

US cloud use: Supervisory authorities intensify their investigations into data protection violations:

After the end of the Privacy Shield, data transfers from Europe to the USA are now only possible in the rarest cases in compliance with the GDPR. German government agencies now want to carefully examine whether companies are violating EU law by using US cloud services.

Almost 50% of German companies have been affected by cyber attacks during the past year:

According to the “Hiscox Cyber Readiness Report 2021”, the proportion rose from 41% to 46% year-over-year. Compared to other companies internationally, German companies sustained the highest average total costs from cyber attacks. That is why most investments are currently being made in cybersecurity in this country.

The Bundestag passes IT Security Act 2.0:

The amended law is intended in particular to ensure more IT security for critical infrastructures. “Untrustworthy” suppliers may be prevented from expanding their networks in the future. In addition, thanks to its new powers, the BSI is playing a more active role in combating cyber incidents.

BSI: IT security too often falls by the wayside in the boom of people working from home caused by the pandemic:

According to a BSI survey, 58% of companies want to maintain or expand the number of employees working from home, even after the pandemic is over. According to BSI President Arne Schönbohm, IT security has not been given the budgets, processes, and people that it needs.

Report: Mobile devices are the biggest IT security threat to businesses

This is the view of 40% of the companies surveyed for the Verizon Mobile Security Index 2021. The switch to remote work driven by the coronavirus pandemic and the increasing use of mobile devices has increased the size of the virtual attack surface immensely.

US Federal Reserve chief sees cyber attacks as the greatest risk for financial institutions:

In a TV interview with CBS News, Jerome Powell stated: “I would say that the risk that we monitor most closely is cyber risk.” Many governments, corporations and, above all, financial entities have also shared this concern and therefore invested more heavily in their cyber defense.

Study confirms some serious deficiencies in IT security at German hospitals:

More than one-third of the 1,555 hospitals that were examined exhibited shortcomings. Of a total of 1,931 vulnerabilities discovered, over 900 were classified as critical. One-fifth of the hospitals with security deficiencies were critical infrastructure facilities.

Cybercrime

 

The personal data of 533 million Facebook users was leaked:

The data records, which were posted for free on a hacking forum, mainly consist of phone numbers, but they also include 2.5 million email addresses as well as such personal information as name, gender, date of birth, place of residence, relationship status, and employer.

Cyber criminals put up the data of half a billion LinkedIn users for sale:

The records include publicly available information, such as name, gender, email address, and phone number. According to LinkedIn, however, this data does not contain any private profile data. The entire data collection is expected to fetch at least a four-digit sum at auction.

Data leak at Clubhouse: 1.3 million users are affected:

In contrast to the profile data of Facebook and LinkedIn users that was leaked just a few days before, the Clubhouse records contain neither email addresses nor phone numbers. However, there is still a risk that the published data can be abused for attacks.

Update recommended: Microsoft closes other critical vulnerabilities in Exchange Server:

Microsoft has again released security updates for its email software, this time eliminating four critical vulnerabilities in Exchange Server 2013, 2016, and 2019. The BSI warned companies that they should install the newly released patches as quickly as possible.

Smishing wave: Users are receiving an increased number of fraudulent SMS messages masquerading as shipment tracking numbers:

The BSI warns users to be on the lookout for fraudulent SMS messages about package deliveries and the like. After opening a link, recipients are asked to install an app that is supposedly required for shipment tracking. However, it is actually malware.

Thousands of coronavirus test results have been published on the internet:

Due to a security flaw in a test center website, users were able to obtain the test results for test subjects online without any access restriction, including their personal data, such as name, telephone number, email address, address, and date of birth.

Cyber attack disrupts operations at Lippstadt hospital:

The attack paralyzed the entire IT infrastructure, including the software that was used for patient documentation. As a result, the hospital had to stop admitting patients. It transferred emergency patients to primary care and canceled all scheduled elective surgeries.

DDoS attacks once again bring down the Brandenburg school cloud:

The learning platform used by most schools in Brandenburg and Berlin became inaccessible due to a botnet-based DDoS attack. There had already been outages in January due to a similar attack involving a massive number of unauthorized attempts to access the platform.

Things to know

The end of Privacy Shield and what happens next

Privacy Shield was an informal agreement between the U.S. and the EU intended to ensure compliance with European data protection standards for data transfers to the U.S. Find out more about the reasons for the repeal of the agreement and what you need to consider when working with cloud service providers.

What is a patch?

A patch is a software update for an existing application or operating system to resolve bugs (errors) or vulnerabilities. Good planning and clear processes when it comes to patching are essential for minimizing many cyber risks for companies.

March 2021

IT security trends

 

Banks need to adapt their cybersecurity strategy to changes in the threat situation:

With increasing digitization, customer needs and virtual attack surfaces have also increased. That is why it is no longer enough to secure only your systems. The security strategy must also include customers and their protection.

Cybersecurity in financial institutions: Not an issue for technology experts alone:

Staff and management should have no reservations when it comes to cybersecurity and should develop a minimum level of understanding of what it entails. This helps to raise awareness and thus improves the level of protection.

The European Council stresses the vital importance of cybersecurity for a digital Europe:

The Council’s conclusions on the recently adopted EU cybersecurity strategy, presented in December 2020, set the key objective of achieving strategic autonomy while maintaining an open economy. To this end, the ability to make autonomous decisions in the area of cybersecurity must also be strengthened.

International study shows that German hospitals need to catch up in terms of digitization:

In an international comparison, the 52 German hospitals surveyed scored well in data protection and data security. However, they lag behind in interoperability and public health, and when it comes to patient orientation and patient-centeredness, they land at the bottom of the list.

E-commerce increasingly under threat from DDoS and ransomware attacks:

To protect themselves from these and other threats, online store operators need to adapt their security strategy. State-of-the-art measures are required to detect, analyze, and defend against attacks. Security and data protection also form the basis for customer trust.

Dark Web Price Index 2021: stolen online banking credentials starting at $40:

Significantly more stolen credit card details and online banking logins were traded on darknet marketplaces in 2020 than in the previous year. Fake ID documents, email databases, malware, and DDoS attack tools are also very popular. Not only the quantity, but also the variety of illegally offered data and goods has increased.

Cybercrime

European Banking Authority (EBA) impacted by Microsoft Exchange attack:

As a result of the wave of attacks on Microsoft Exchange servers that began in early March, Europe’s banking regulator had to take its mail system offline temporarily. According to the government agency, the attack did not go beyond the mail system. It announced a full investigation.

Members of the Bundestag and state parliaments targeted by spear phishing attacks:

According to media reports, cyber attackers have attempted to compromise the email accounts of at least seven members of the Bundestag and 31 members of state parliaments, as well as dozens of political activists. The Russian military intelligence agency GRU is suspected of having been behind the campaign. Security agencies are now warning of possible Russian disinformation campaigns.

136,000 corona test results publicly available on the internet:

Due to a security vulnerability in a service provider’s software for coronavirus test centers, other users’ quick test results were accessible with a normal user account – including personal data such as name, address, date of birth, citizenship, and ID number.

Data breach of Lufthansa’s “Miles and More” frequent flyer program:

As part of an attack on the aviation IT service provider Sita, cyber attackers stole passenger data from Star Alliance partners. Approx. 1.35 million Lufthansa Miles and More customers were also affected by the incident. However, no passwords, email addresses, or other personal data are said to have been stolen.

Cyber attackers hack into 150,000 surveillance cameras at Tesla, police departments, and schools:

The attackers allegedly gained access to the systems of the operator company Verkada by means of login data for a “Super Admin” account that was publicly exposed on the internet. This gave them direct access to tens of thousands of cameras and Verkada’s customer video archive.

Things to know

What is an Information Security Management System (ISMS)?

An information security management system (ISMS) defines policies and procedures to ensure, manage, control, and continuously improve information security in a company.

Internet of Things (IoT) – from vending machines to Industry 4.0:

The Internet of Things is a network of devices and systems connected to the Internet. Each networked object has a unique identifier and can interact with other objects to perform tasks fully automatically.

What is a blockchain? Definition, how it works, benefits and drawbacks:

Blockchains are decentralized lists of records consisting of individual blocks linked using cryptography. In these distributed records, information of any kind can be documented as transactions that are tamper-proof, transparent, and cannot be altered.

Darknet: the dark side of the internet?

All hidden online networks and services are subsumed under the term darknet. It is a part of the internet that can only be accessed via special client software and cannot be found using ordinary search engines such as Google, Bing, or DuckDuckGo.

Opportunities and risks of 5G:

5G stands for the fifth generation of mobile telecommunications. The new communication standard builds upon its predecessor 4G (LTE), but enables significantly faster data transmission with minimal latency and thus entirely new application areas.

February 2021

IT security trends

 

Industrial plants and critical infrastructure are increasingly experiencing security vulnerabilities:

In the second half of 2020, a total of 449 vulnerabilities were discovered in industrial control systems. 71% of them were exploitable remotely. The most vulnerable are the critical infrastructure sectors of manufacturing, power and water supply.

More than 100 financial service providers were the target of DDoS extortion attacks in 2020:

The cybercriminals threatened to cripple their victims’ websites and digital services until a ransom was paid. In addition to banks, FinTechs, stock exchanges, insurance companies, credit bureaus, asset managers, and other financial service providers were also impacted.

Following the Wirecard scandal: BaFin wants to increase oversight of mobile bank N26:

According to media reports, the financial supervisory authority will in future classify N26 as a financial holding company in order to oversee not only the banking subsidiary, but the entire company. The tighter control is seen as BaFin’s reaction to the Wirecard accounting scandal.

GDPR violations in Germany: 60% more fines in 2020:

Fines across Germany totaled approx. €48 million. The highest fine was issued against fashion retailer H&M at €35.3 million, followed by Notebooksbilliger.de at €10.4 million. The number of fines imposed rose to 301 in 2020, up from 187 in the previous year.

What lessons can companies learn from GDPR fines?

Data protection authorities repeatedly impose fines in the millions as a deterrent, most recently against Notebooksbilliger.de. To avoid such penalties, companies should take data protection seriously and analyze exactly where internal violations of the GDPR might exist.

BSI’s IT-Grundschutz Compendium now includes web applications and vehicle IT:

The BSI has updated its IT-Grundschutz Compendium and added the modules “CON.10 Development of Web Applications” and “INF.11 General Vehicle.” Several of the other 95 Grundschutz modules have been fundamentally revised in the 2021 edition.

Otto CIO: “Digitization will not work without an appropriate level of cybersecurity”:

Despite stagnating IT budgets, investments in security measures must increase because attacks are becoming increasingly complex and threaten business continuity. The topic of cybersecurity should also be regularly discussed and decided at the executive board level.

Cybercrime

Cyber attackers sabotage drinking water supply in the US state of Florida:

Unidentified individuals remotely manipulated the input of chemicals at a water treatment plant. They increased the level of sodium hydroxide in the water to a potentially dangerous level. However, the sabotage was reversed in time.

Security experts: Cyber threat situation remains tense:

The majority (57%) of IT security experts surveyed by eco, the German Association of the Internet Industry, believe that the German economy is inadequately protected against cybercrime. More than three-quarters expect the threat situation to continue to grow.

Ransomware attack on Urological Clinic Munich-Planegg:

The attackers encrypted some of the clinic’s IT systems and demanded a ransom. Apparently, they also gained access to confidential patient records. The public prosecutor’s office in Bamberg is investigating.

Cyber extortionists publish customer data stolen from an internet provider in Kassel:

The leaked data comes from an attack on Netcom Kassel’s customer and communication systems. By releasing the data, the blackmailers wanted to persuade the provider to meet their ransom demand.

Microsoft warns of a new supply chain attack method:

In a “confusion attack,” software packages contaminated with malware can be injected into IT systems by being automatically installed as dependencies. To do this, attackers only need to know the names of internal packages and publish packages with the same names, containing malicious code, in public package sources.

“COMB”: Collection of more than 3 billion credentials published:

The “Compilation of Many Breaches” (COMB), which surfaced in a hacking forum, contains compromised login data for email accounts and online services such as LinkedIn and Netflix. A website allows you to check whether your own email address is included in the collection.

Cybercriminals make off with several billion US dollars in cryptocurrencies in 2020:

Last year saw 122 successful attacks on blockchain wallets and exchanges take place. More than a third of the attacks targeted decentralized Ethereum apps. This resulted in damages averaging approx. $9 million per attack.

Things to know

Cybersecurity protects new business models:

During the crisis, more customers have come to appreciate digital banking and payment services. Banks are responding with new products and services. Cybersecurity is essential to remain digitally competitive.

What is DORA (Digital Operational Resilience Act)?

The Digital Operational Resilience Act, or DORA for short, provides for the introduction of a comprehensive regulatory framework at the EU level that includes regulations on digital operational resilience for all supervised financial institutions.

What is the Tor network?

Tor is a network solution for anonymizing communications on the internet. Tor’s technological approach is based on “onion routing,” in which communications on the internet are obfuscated via different and variable routes.

January 2021

IT security trends

IT security deficiencies in over a third of German hospitals:

A survey of publicly accessible network access points at 1,555 hospitals found more than 900 critical vulnerabilities, which can often be traced back to outdated servers and software as well as inadequately secured databases.

BSI study: networked medical devices have an average of 15 security vulnerabilities:

The BSI uncovered a total of 150 vulnerabilities in ten products from five categories, such as insulin pumps and pacemakers. In many cases, the vulnerabilities were not found in the devices themselves, but in the associated infrastructure.

EU imposes more than €306 million in fines for GDPR violations in 2020:

Google and Amazon had to pay more than a third of the fines (around €135 million) in France. The highest number of violations was in Spain, with 76. In Germany, three fines totaling just over €37 million were issued.

An alternative to the Privacy Shield: EU privacy advocates welcome new standard contractual clauses for US data transfers:

The transfer clauses being planned are intended to continue to allow the transfer of customer data from the EU to third countries such as the USA after the European Court of Justice overturned the EU-US Privacy Shield in July 2020. However, data privacy advocates still see room for improvement in some areas.

New BSI standard 200-4: Emergency Management becomes Business Continuity Management:

The revised and modernized 200-4 standard replaces the old 100-4 standard and provides practical guidance on setting up a business continuity management system. It is currently available as a community draft open for comments until the end of June.

Transition of power in the White House: Biden administration makes cyber security top priority:

The new U.S. president has appointed the former NSA director for cybersecurity to his National Security Council, where she will assume the newly created position of deputy national security adviser for cyber and emerging technology. Biden’s predecessor, Donald Trump, entirely eliminated the role of cybersecurity coordinator in 2018.

Cybercrime

 

 

Investigators succeed in striking blow against “Emotet” malware:

As part of a concerted international effort, law enforcement agencies have seized and dismantled Emotet’s infrastructure. The malware was considered one of the most destructive in the world. In Germany alone, it caused at least €14.5 million in financial losses.

BKA warns of “significant increase” in DDoS attacks:

According to the German Federal Criminal Police Office, attackers are primarily targeting companies and platforms involved in the remote working and homeschooling sectors. Many attacks are also related to the COVID-19 vaccination campaign.

DDoS attacks on learning platforms impact online classes:

In many German states, digital distance learning did not start as planned. In addition to technical defects, DDoS attacks were the main cause of a number of learning platform outages. Denial of service attacks hit systems in Brandenburg, Rhineland-Palatinate, and Saarland.

SolarWinds hack: German government agencies and companies also potentially at risk:

SolarWinds products are used in at least 16 federal agencies and ministries. However, according to the federal government’s current information, there has been no unauthorized access to federal administration systems via the Sunburst Trojan.

Investigators take down world’s largest darknet marketplace:

With nearly 500,000 users, over 2,400 sellers, and more than 320,000 transactions with a combined value of approx. €140 million, DarkMarket was considered the largest illegal marketplace in the world. It was mainly used to trade in drugs, counterfeit money, stolen credit card data, and malware.

Beware of targeted phishing attacks on high-level executives:

An ongoing phishing campaign is attempting to use social engineering to obtain credentials from C-level managers. Potential victims receive a deceptively real-looking email claiming that their Office 365 password is about to expire.

Things to know

Corona: increasing security and liability risks:

Digitalization, accelerated by the pandemic, provides opportunities for new business models and more flexible ways of working. This is, however, accompanied by the threat of massive security and liability risks. While the focus has so far been primarily on business continuity, security should be at the forefront in 2021.

Digital protection of vaccination campaigns creates trust:

Corona vaccination campaigns have begun in many places. Protecting the digital processes created for this is crucial for success.

IT security as outsourcing according to MaGo and section 32 VAG

In the insurance industry, processes traditionally provided by the insurance company itself are frequently outsourced. The regulatory requirements for this are defined in MaGo (Minimum Requirements for the Business Organization of Insurance Undertakings) and section 32 VAG (Insurance Supervision Act). In practice, these requirements ensure that only highly certified providers with industry experience are considered for outsourcing in line with compliance requirements.

What is whaling?

Whaling is a variant of (spear) phishing that targets chief (“C-level”) executives. Attackers use elaborately crafted emails in an attempt to persuade their victims to disclose valuable confidential data or authorize the transfer of large sums of money.

December 2020

IT security trends

Discussions about IT Security Act 2.0 Are Ongoing:

The German cabinet has approved a controversial package of laws designed to ensure greater IT security – especially for critical infrastructure. However, critics still see considerable shortcomings in the legislation currently being drafted.

“Amnesia:33”: New Vulnerabilities Discovered in Millions of IoT Devices:

Security researchers are issuing warnings about security vulnerabilities, some of them serious, in networked medical and industrial devices. Products from at least 150 suppliers worldwide are affected. The vulnerabilities result from a faulty implementation of the TCP/IP internet protocol.

Escalation of Cyberattacks on the Financial Industry:

Latest research shows that nearly two-thirds of financial institutions have been affected by cyberattacks in the past twelve months. The coronavirus pandemic is expected to further exacerbate this trend.

Password Security Is Still Coming Up Short:

Many people continue to underestimate the importance of a complex password for protecting private or business data. According to a list compiled by the Hasso Plattner Institute, the most popular passwords in 2020 include the classics “123456” and “password” as well as “iloveyou”.

Lowering Costs with Compliance: Revised Version of MaRisk Provides Opportunities:

The sixth revised version of MaRisk offers lucrative starting points, particularly for small and medium-sized financial institutions organized in network structures, to avoid additional regulatory effort and thus lower costs.

Cybercrime

 

Sunburst Trojan Infects Over 18,000 Organizations, Government Agencies, and Businesses:

The malware spread via the update servers of an IT management software application. In addition to large companies, government agencies and federal departments in the USA are also heavily affected. The Russian state-backed hacker group APT29 is suspected of being behind the attack.

COVID-19: Vaccine Companies Targeted by Cybercriminals:

Hackers have attacked the European Medicines Agency (EMA). They acquired vaccine documents from BioNTech and Pfizer. Interpol and security experts warn of further attacks on vaccine developers and vaccine logistics chains.

Cyberattack Paralyzes German Dax Stock Index Aspirant Symrise:

According to the company, the attackers planted a virus in the company network “with extortionist intent”. As a result, large parts of production had to be temporarily halted.

Security Breaches in Medical Practices Put Patient Data at Risk:

Improperly inserted connectors enabled security researchers to trick the telematics infrastructure into thinking they were a doctor’s office. This gave them access to all the electronic patient files of the affected practices without having to enter a password.

330,000 Faked Interactions for 300 Euros

A recent NATO study shows how little effort is required for targeted manipulation in social networks. Troll factories are able to generate high interaction rates at very low cost. The protective mechanisms of Facebook, Twitter, Instagram, and the like are largely ineffective.

Cybercrime Incurs Costs of Over One Trillion US Dollars:

In 2020, cybercrime will cost the global economy more than one trillion US dollars. The costs are largely incurred as a result of direct damage and the associated consequential costs, but there are also expenses for IT security.

Things to know

ISO 27001 vs. ISO 27001 Based on IT-Grundschutz

ISO 27001 and ISO 27001 based on IT-Grundschutz (IT baseline protection) define a framework and describe a concept for implementing an information security management system (ISMS). The standards are similar in principle but have significant differences in detail.

Cybersecurity: What Awaits IT Decision-Makers in 2021

Myra Security looks back at the year’s most defining IT security trends and dares to look ahead to the challenges and digital threats IT decision-makers will be facing in the coming year.

Find out more

November 2020

IT-Security-Trends

Cyber insurance: DDoS and blackmail cause the most expensive damage:

While external attacks account for the majority of the damage, internal incidents are the most common cause of cyber damage. Security service providers can help to increase the level of protection, thereby lowering cyber risks and insurance premiums.

Find out more

 

Out of the crisis and into the cloud:

In the future, companies will increasingly depend on how quickly and how well they are able to make use of cloud and remote work solutions. Forrester analysts forecast that there will be increased investment in these new technologies in 2021.

Find out more

 

U.S. authorities warn of attacks on the healthcare system:

U.S. security agencies are warning of an acute threat to the healthcare system from ransomware attacks. Eastern European hacker groups are said to be primarily responsible, and they sometimes use the Ryuk and Conti encryption trojans to perpetrate their attacks.

Find out more

 

Coronavirus puts cybersecurity at the top of the agenda:

A current study by the consulting firm PwC shows that due to the increased threat situation resulting from the coronavirus pandemic, the topic of IT security is becoming more important for companies.

Find out more

 

New Standard Contractual Clauses (SCC) as a replacement for Privacy Shield:

In order to create a legally secure basis for transatlantic transfer of data between the EU and the U.S., the EU Commission is working on revised SCCs. In particular, the data protection requirements that the ECJ has specified in the Schrems II ruling should be taken into account.

Find out more

 

Cybercrime

 

DDoS attack troubles British broker:

The services of the British financial services provider Trading 212 temporarily became unavailable as a result of a DDoS attack. According to the fintech company, no customer data or stock portfolios were compromised by the failure.

Find out more

 

You can’t rely on honor among thieves:

Cyber criminals are increasingly reselling data stolen by ransomware to the highest bidder on the darknet, even if the victim has paid up.

Find out more

 

Contract hackers target the financial industry:

Security researchers have come across a large-scale APT campaign in which hackers systematically penetrated the systems of South Asian financial institutions. It is not known who hired the digital mercenaries.

Find out more

 

Outdoor apparel manufacturer North Face is resetting customer passwords:

Due to a massive credential stuffing attack, North Face was forced to reset the passwords for its customers and the payment tokens stored in the accounts for security reasons.

Find out more

 

DDoS attack paralyzes RKI website:

The Robert Koch Institute website went down for several hours. The failure was caused by a botnet-based DDoS attack. It has not yet been discovered who is behind the attacks. However, it is believed that no data was leaked as the result of the attack.

Find out more

 

Struggle against criminal trading platforms:

Federal Justice Minister Christine Lambrecht wants to take action against criminal marketplaces on the internet and darknet. In order to combat the trafficking in arms, drugs, and pornography, the responsible government agencies will increasingly utilize online raids and “state trojans” going forward.

Find out more

 

Doxing: Minimizing data exposure is the best protection:

In Germany, the first judgment for doxing was recently handed down. A 22-year-old had collected the private data of numerous celebrities and published it online. This case demonstrates the importance of protecting our confidential data and digital identities.

Find out more

 

Things to know

Myra Security receives an 8-figure investment:

The German cybersecurity company Myra Security and Round2 Capital have been working together for about a year, and now they have decided to expand this partnership. Myra Security will receive over ten million euros in new funding.

Find out more

October 2020

IT-Security-Trends

Cyber warfare: U.S. military succeeds in strike against the TrickBot botnet:

The U.S. Cyber Command has temporarily disrupted the botnet allegedly controlled by Russian cyber criminals to prevent it from impacting the U.S. presidential election.

Find out more

 

BSI [BSI = Federal Office for Information Security] situation report: “Risk situation in the area of critical infrastructure remains at a high level”:

Operators of critical infrastructure see themselves exposed to cross-sector attacks, particularly DDoS and ransomware. Complex DDoS attacks on banks have caused disruptions in payment transactions. Successful defense requires protective measures on all the relevant levels.

Find out more

 

IDC study: Companies are investing more in securing their employees’ home offices:

38 percent of respondents have increased their budget for this purpose. 37 percent consider network security to be the most important issue of 2020. Security incidents have already occurred in more than three quarters of the companies surveyed.

Find out more

 

DsiN [DsiN = Germany Safe on the Net] Practice Report 2020: 46 percent of all SMEs affected by cyber attacks:

In three out of four cases the attacks led to detrimental effects. Yet few companies are actively improving their digital defenses. There is a need to catch up, especially in the implementation of operational security measures.

Find out more

 

Bitkom: Expenditures for IT security grow by 5.6 percent:

In the current year, investments in Germany will likely reach €5.2 billion, which would be a new all-time high. Services account for the largest share of the total market at 55 percent or €2.8 billion.

Find out more

 

BKA [BKA = Federal Criminal Police Office]: Number of cybercrime cases increases by 15 percent:

According to the Federal Situation Report 2019, the police registered a total of 100,514 cases in Germany. Ransomware attacks, which are often accompanied by data theft, continue to pose the greatest threat. Scammers also took advantage of the general interest in COVID-19 information.

Find out more

 

Cybercrime

 

Russian hackers steal data from U.S. government agencies:

According to the FBI, dozens of municipal and state government networks were attacked. Data is said to have been stolen from at least two servers. State-supported actors are suspected behind the attacks.

Find out more

 

Software AG becomes the target of malware attack and data theft:

The Darmstadt-based company had to temporarily shut down its in-house systems. The attackers also stole data that has since become public. According to the company, the costs for combating the attack have so far amounted to approx. €5 million.

Find out more

 

Google reports the largest known DDoS attack to date:

The attack had a peak bandwidth of 2.54 terabits/s and was launched by a state-supported actor from China. The incident occurred in September 2017, but was only just published by Google in a report on DDoS attacks on its infrastructure.

Find out more

 

Cyberbunker trial against operators of darknet infrastructure begins:

A computer center in a bunker facility in Traben-Trarbach in Rhineland-Palatinate is said to have been responsible for at least 249,000 criminal offenses, including trafficking in drugs and counterfeit money. The proceedings before the Trier Regional Court are concerned with clarifying the responsibility and involvement of the accused operators.

Find out more

 

Insider attack on asset manager Scalable Capital:

The Munich-based start-up reported “unlawful access” to strictly confidential customer data. In addition to contact information, it is alleged that, among other things, securities statements, tax and account numbers, and identification data were leaked. At least 23,000 customers are affected.

Find out more

 

Finland: Attackers steal medical records of thousands of psychotherapy patients:

Affected are patients of Vastaamo, a private provider. Like the company itself, many of them have reported blackmail attempts. A 10 GB file containing notes from therapy sessions is said to be circulating on the darknet.

Find out more

 

Best practices, defense, and mitigation

Financial Stability Council gives recommendations for action on how to deal with cyber incidents:

The report “Effective Practices for Cyber Incident Response and Recovery” is a toolkit for financial institutions. It includes 49 recommendations on how those impacted by a cyber incident can restore their ability to operate.

Find out more

September 2020

IT-Security-Trends


Cybercrime

DDoS blackmailers attack in the name of “Fancy Bear”:

Cybercriminals pretending to be the Fancy Bear hacker group are blackmailing German companies into paying large ransoms. Those failing to heed the attackers’ demands face the prospect of critical DDoS attacks.

Find out more

 

Massive DDoS attack on Hungarian banks and Magyar Telekom:

According to the telephone company, it was one of the biggest hacker attacks ever perpetrated in Hungary, in terms of both scope and complexity.

Find out more

 

Data breach at US hospital: Medical records and personal information of 6,000 patients stolen:

The stolen records include name, date of birth, detailed medical records, and in some cases, insurance information and social security numbers.

Find out more

 

Didn’t care much for online classes: 16-year-old high school student disrupts school with a simple DDoS attack:

The teenager from Miami used the open source “Low Orbit Ion Cannon” stress testing tool to overwhelm the school district’s inadequately secured networks.

Find out more

Things to know

The Myra platform at a glance

The Myra Security-as-a-Service platform is conceived as a comprehensive protection concept for securing digital business processes. The individual solutions interact seamlessly to ensure robust IT security, performance, and certified compliance.

Find out more

August 2020

IT-Security-Trends

Data breaches are costing the German financial industry dearly:

According to a study by IBM, no other industry has recorded such high levels of damage related to data breaches and cyber attacks as the finance sector.
Find out more

Hospital law of the future: German government focuses on IT security:

The German government plans to spend three billion euros to advance the digitization of hospitals. The funding requires that hospitals focus on IT security during the digital transformation.
Find out more

There is no IT security without awareness:

If you want to strengthen cybersecurity in your company, you cannot rely on technical solutions alone. Employees must also be brought up to speed on the subject so that the right strategic response is made in the event of an attack.
Find out more

The challenge of IT outsourcing in the financial sector:

The trend toward outsourcing IT security to specialist providers is continuing. Especially in the financial sector, however, the regulatory requirements for outsourcing of this kind are being increasingly scrutinized by BaFin. This will also have an impact on insurance companies.
Find out more

Quantum computing entails opportunities and risks:

Innovative quantum systems calculate the complex risk models and optimization tasks of banks and insurance companies in the shortest possible time. However, the Federal Association of German Banks (BdB) warns that the technology can also be used to defeat commonly used encryption methods.
Find out more

Cybercrime

Encryption Trojan with affiliated leak platform:

The novel Conti ransomware not only encrypts the data of its victims but also threatens to publish the victims’ data on a publicly accessible platform.
Find out more

Travel operator CWT pays $4.5 million to get its data back:

As part of a ransomware attack, the US business travel operator was forced to pay the equivalent of US$ 4.5 million in Bitcoin.
Find out more

A million-dollar bribe for an attack on Tesla:

Cybercriminals offered an employee at the Tesla factory in the US state of Nevada a million-dollar bribe. In return, he was to infect the factory’s systems with malware. However, the employee demonstrated loyalty and reported the incident to his employer. The FBI is now investigating the incident.
Find out more

Best Practice, Defense & Mitigation

Catching up on the backlog of IT security in hospitals:

In healthcare, another critical infrastructure (KRITIS), BSI attests to weaknesses in organizational measures for cybersecurity. There is nothing to criticize in the technical implementation of security measures, but an IT-specific security culture is lacking. This manifests itself in incomplete risk management, insufficient network segmentation, and outdated Windows operating systems.
Find out more

Checking IT service providers more closely:

Raimund Röseler, Executive Director of Banking Supervision, is in favor of direct control rights and sanctions against IT service providers. This is the only way BaFin can ensure that strict compliance guidelines are adhered to in the ongoing trend toward IT outsourcing:
Find out more

Things to know

The Myra platform at a glance: Web Application Security:

Injection attacks, malware attacks, manipulative bot requests, and more: Online services today are exposed to a wide range of threats that need to be systematically addressed. As an upstream protective wall, Myra Website Application Security protects the web applications of companies and government agencies from all of these kinds of attacks.
Find out more

The Myra platform at a glance: Web Intelligence:

Find out more

July 2020

IT-Security-Trends

Social Engineering: What the Twitter Hack Shows Us:

Attackers have successfully hacked countless celebrity and corporate accounts on Twitter and used them for bogus spam messages. The cause was not a vulnerability in Twitter’s systems, but a successful social engineering attack on one of the service’s employees. You can find out more about the attack here:
Find out more

Digitization in Health Care in Demand as Never Before:

International studies have shown that patients are increasingly demanding digital treatment methods such as telemedicine, health apps, and AI-supported diagnostics programs. The basis for successful digitization in the health care sector, however, is IT security, data protection, and compliance.
Find out more

Apart from Critical Infrastructure, Infrastructure Providers Are Often Easy Prey:

Hackers have succeeded in stealing and releasing customer and employee data from an energy supplier in Mainz. Like many other municipal providers, which due to their size do not fall within the definition of critical infrastructure, the company does not have to meet the high standards set out in German IT security legislation.
Find out more

Ransomware Security Measure Hobbles Lower Saxony’s Tax Offices:

In order to avoid being infected by Emotet and other types of malware, the tax authorities of Lower Saxony have since the beginning of the year stopped processing e-mails with file attachments or links. A secure environment for the quarantined opening of such content is presumably in the test phase.
Find out more

Cybercrime

Credential Stuffing: The Underrated Risk:

Even in spectacular security breaches, hackers don’t usually overcome any technical security hurdles, but instead often simply misuse normal login details.
Find out more

Windows POS Malware Uses DNS to Steal Credit Card Information:

A new type of malware uses the DNS protocol to steal credit card data and payment information from cash register systems without being detected. The stolen information can be used directly for transactions or even to clone credit cards.
Find out more

Cybercrime: What’s behind Digital Crime?

With increasing digitization, cybercrime continues to gain momentum and causes billions in damages to the economy, government, and society at large. Learn more about the multilayered threat from the Internet here:
Find out more

GDPR Shows Its Teeth:

Last year, about two-thirds more breaches of the General Data Protection Regulation were reported in Europe. In most cases, the violations involved unauthorized access to personal data through cyberattacks, tampering and sabotage, and the loss of non-secured mobile devices and laptops.
Find out more

Things to know

The Myra Platform at a Glance: Multisite Load Balancer:

Delayed access or even total failure of web applications and online services are unacceptable in a professional environment. Multiple redundant server systems and data centers provide a remedy for such problems. Without smart distribution of access, however, even such concepts are of little help.
Find out more

The Myra Platform at a Glance: Content Delivery Network:

What counts most on the Internet are speed and stability. If, in contrast, there are delays in loading websites or using web applications, most users leave after a few seconds and look for alternatives. That’s why companies cannot afford to sacrifice performance when doing business online.
Find out more

The Myra Platform at a Glance: DDoS Protection:

Myra DDoS Protection is an integral part of our certified Security-as-a-Service platform. The solution, developed and operated in-house, reliably and fully automatically protects web applications, websites, DNS servers, and IT infrastructure.
Find out more

June 2020

IT-Security-Trends

With Cybercrime as a Service, digital attacks become a service:

Anyone who now wants to digitally target companies no longer has to get their fingers dirty. Cyber attacks are offered as a service on the Darknet.
Find out more

DNS attacks cost companies an average of EUR 920,000:

In Germany, the financial harm caused by DNS-based attacks on companies amounts to an average of EUR 920,000. According to IDC, phishing and DDoS attacks are among the most common types of attack.
Find out more

Why captchas alone are not enough:

Captchas protect web applications from malicious access by bots and spammers. However, the gain in security comes at the price of disadvantages in accessibility and usability. The little image and audio puzzles also present an obstacle for some human users.
Find out more

Incomplete digitization in the insurance industry:

According to a recent YouGov study, insurers score only average on the digital transformation. While data protection and IT security were rated by the majority, there were shortcomings in the user experience.
Find out more

Social engineering and phishing in perfection:

Cybercriminals forge business e-mails and websites with ever increasing precision. At first glance, the malicious fakes cannot be distinguished from the originals. Awareness and a trained eye are required to reliably spot phishing.
Find out more

SMEs underestimate the risks:

German small and medium-sized enterprises are increasingly becoming the focus of cybercriminals. Compared to larger companies, however, medium-sized companies are rarely reliably protected against attacks, and there is often a lack of awareness of the problem.
Find out more

Cybercrime

Major raid against users of Darknet platform:

More than 1,400 police officers throughout Germany were involved in a major raid against users of Crimenetwork, the illegal online platform. In over 200 searches, more than 300 TByte of data material was seized, allegedly providing evidence of drug and arms trafficking, botnets, credit card abuse, and other crimes.
Find out more

Computer virus shuts down Berlin Court of Appeal for nine months:

The majority of the roughly 150 judges of the Berlin Court of Appeal have been unable to work for about nine months because their recently purchased laptops cannot be securely connected to the court’s internal network due to a lack of VPN (via Fefe).
Find out more

Financial service providers in BaFin’s sights:

In its journal, the Federal Financial Supervisory Authority (BaFin) regularly draws attention to shady characters on the financial market who have attracted attention through questionable products and illegal practices. The black sheep at a glance:
Find out more

Things to know

IT Security Act: Big update coming up:

The IT Security Act is getting a major update in order to bring the catalogue of requirements and also the BSI itself into line with the current level of threat. In essence, the current draft law for IT Security Act 2.0 provides for an active protective role of the BSI for the government, economy, and public.
Find out more

SOC: Where all threads of cybersecurity come together:

In the Security Operation Center (SOC), IT specialists continuously analyze and evaluate all security-related data of corporate IT. The SOC’s primary task is to proactively identify and close possible vulnerabilities in systems and to actively initiate countermeasures in case of cyber attacks.
Find out more

May 2020

IT-Security-Trends

Cybercriminals exploit corona crisis for attacks:

While COVID-19 is causing a global state of emergency, cybercriminals and hacker groups are taking advantage of the situation to target critical services. In addition to the public sector, the healthcare and financial industries are also affected by the attacks:
Find out more

Credential stuffing is increasingly becoming a problem for banks and payment service providers:

The systematic misuse of login data on the internet is one of the most frequently used tools of attack for cybercriminals. Online scammers are mainly looking for lucrative access for banking and payments.
Find out more

The Association of German Banks (BdB) sees a need for action:

Banks must expect much more sophisticated cyber attacks in 2020 than in the past. This is why coordinated measures for more IT security and industry-wide cooperation are now required:
Find out more

Mobile on the move:

Security-critical applications from the banking sector are also increasingly being used on mobile devices. This makes it important to create secure platforms for financial services:
Find out more

Cybercrime

Supercomputers under fire:

A number of European high-performance data centers had to disable access to their supercomputers due to hacker attacks. The SuperMUC facility at the Leibniz Supercomputing Center in Garching, the Hawk high-performance computer at the Stuttgart HLRS, and the Jureca system in Jülich were also affected. The background to the cyber attacks is currently still unclear:
Find out more

Major attack on WordPress:

In a large-scale attack campaign, a hacker group targeted over 900,000 WordPress websites. The sites were to be taken over by cross-site scripting (XSS).
Find out more

Best Practice, Defense & Mitigation

Remote work requires security by design:

Working safely away from the office is commonplace in times of corona. User-friendly IT security provides practical protection.
Find out more

IT Security Act 2.0 makes BSI a powerful cyber authority:

The new draft for an expanded IT Security Act provides for the retention of log data, among other things. The office is also to be expanded by about 600 positions, according to plans by Federal Interior Minister Horst Seehofer (CDU):
Find out more

Cybersecurity and business must work in harmony:

Gartner analysts are calling for decision-makers to make IT security a business-critical area in companies. After all, cybersecurity decisions have a direct impact on business results – not least because of the impact of the corona pandemic:
Find out more

Things to know

What exactly does the BSI do?

The Federal Office for Information Security (BSI) is committed to the protection of IT systems in government agencies, companies, and private households. Find out what they do in detail here:
Find out more

There will be cybercriminals for as long as the money keeps rolling in:

Digital attackers usually act out of monetary interests. Current studies show that in 9 out of 10 cases cyber attacks are financially motivated:
Find out more
