Myra’s monthly security highlights present IT decision-makers and security specialists with the most relevant topics from the world of cybersecurity. Hacker trends, defense strategies, and reports on cyber attacks, hacker campaigns, and more are available here in a clearly laid out format.

The dramatic consequences that cyber attacks can have on critical infrastructure were illustrated in early May by the ransomware attack on the largest pipeline operator in the USA. Colonial Pipeline, which supplies approx. 45 percent of the fuel consumed on the U.S. East Coast, had to temporarily shut down its main pipeline completely. This resulted in supply shortages and panic buying of gasoline at service stations. The U.S. government declared a regional state of emergency to secure fuel supplies for about 50 million people by road. Nothing has been revealed about the exact course of events or the masterminds behind the attack. The only thing that is certain is that “Darkside” ransomware was used. Apparently with success: around two weeks after the attack, Colonial Pipeline admitted to having paid a ransom of 4.4 million U.S. dollars, despite the urgent recommendation of security authorities not to do so.

In contrast, the Irish government categorically ruled out paying a ransom after a ransomware attack hit the public health service Health Service Executive (HSE) in mid-May. HSE’s main IT systems were shut down as a precautionary measure, leading to restrictions in healthcare across the country. The Russian group “Wizard Spider” is suspected to have been behind the attack using the “Conti” ransomware Trojan.

These incidents are an example of how digital attacks can cause very specific damage in the real world. Critical infrastructure such as hospitals and other key providers represent an attractive target for financially or politically motivated attackers, cyberterrorists, or hacktivists. In its Risk Barometer 2021, the Allianz financial services company ranks cyber incidents as the biggest threat to utilities and the healthcare sector.

The top IT security topics in May 2021

IT security trends

Verizon report: attacks on web applications on the rise:

According to Verizon’s latest Data Breach Investigations Report, attacks on web applications are the second most common type of attack after DDoS. The number of phishing and ransomware attacks increased by 11 and 6 percent, respectively, year over year.

Allianz: cyber incidents are the greatest risk to the financial industry:

According to an analysis by Allianz Global Corporate & Specialty, cyber attacks, system failures, and data breaches are the most common causes of damage. Together, they account for twelve percent of all losses in the past five years, totaling around 870 million euros.

Three-quarters of all financial institutions have seen more cyber attacks since the pandemic began:

On average, the increase was 29 percent, according to the “COVID Crime Index” from BAE Systems. In particular, attacks employing botnets, ransomware, and phishing increased significantly. Despite the heightened threat situation, security budgets were cut by 26 percent.

New regulation provides for stricter security requirements for certain operators of critical infrastructure:

According to a draft reform by the German Federal Ministry of the Interior, around 270 new companies will fall under the new critical infrastructure regulation, primarily power producers. In the future, they will have to meet special reporting and certification requirements and comply with minimum standards.

HP report: remote work increases cybersecurity risks:

Two-thirds of office workers in Germany also use their work device for private purposes when working from home. 16 percent even let family members or friends use it. As a result, 54 percent of IT decision-makers registered a higher number of phishing attacks and malware infections.

Cybercrime

Cybercriminals extort millions in ransom from largest U.S. pipeline operator:

As a result of a ransomware attack, Colonial Pipeline had to temporarily shut down its main pipeline completely. This caused shortages in fuel supplies in the eastern USA for days on end. The operator ultimately gave in and paid a ransom of $4.4 million.

Ransomware attack hits Irish health service HSE:

The precautionary shutdown of key IT systems had a serious impact on healthcare. For example, networked hospitals were unable to access patient data. The Irish government declared that it would not be paying a ransom.

AXA insurance group targeted by ransomware attackers:

Shortly after AXA announced a partial exit from the ransomware insurance business, several of its locations in Asia became targets themselves. The cybercriminals are threatening to publish stolen customer data if AXA does not comply with their ransom demand.

Federal Criminal Police Office (BKA) situation report: cybercrime continues to rise:

The number of cybercrime cases recorded by the Federal Criminal Police Office rose by approx. eight percent to over 108,000 last year, meaning that the authority registered more than twice as many cybercrimes as in 2015. Most recently, vaccination portals and the vaccine supply chain were targeted by cybercriminals.

DDoS attack cripples websites and services of numerous Belgian government agencies:

About 200 state organizations were affected by the massive attack on Belnet, the internet service provider, including public administrations, ministries, universities, research institutes, and hospitals.

Things to know

Convenience and data security for e-health are compatible:

E-health services such as electronic patient records and e-prescriptions are provided on a voluntary basis. Their acceptance depends to a large extent on trustworthiness and convenience. Digital data protection and security measures are therefore essential, but solutions must also offer a high level of convenience and performance. These apparent contradictions are compatible.

BSI president sees risk for hospitals:

In an interview with Die Zeit, the head of the German Federal Office for Information Security (BSI), Arne Schönbohm, and BSI expert Dirk Häger explained the digital threat situation in Germany. In their estimation, the risk posed by cyber incidents is also increasing for critical infrastructure. Attackers are increasingly employing complex attack patterns and the number of attacks is rising.

IT security creates a foundation of trust for e-health solutions:

In the healthcare sector, digital solutions are increasingly being used in administration, diagnostics, and treatment. Security and data protection are given top priority in order to promote social acceptance of e-health.

Financial regulator steps up controls on IT and cybersecurity:

In light of advancing digitalization, cyber risks are becoming an even greater focus for the German Federal Financial Supervisory Authority (BaFin). The supervisory authority is paying particular attention to the outsourcing of IT services.

EU cloud: 5 reasons why GAIA-X is so important for Europe:

GAIA-X is intended to promote cloud computing on a European level as a hybrid data platform. More than 350 companies and organizations are involved in setting up the lighthouse project—and for good reasons.

What is IT compliance?

IT compliance describes adherence to legal, internal, or contractually prescribed requirements for the IT of an organization. These comprise various requirements for IT security, data protection, availability, and integrity that apply to systems and processes.

What is open source?

Open source generally refers to software whose source code is freely available and can be viewed by independent third parties. Depending on the underlying open source license, it can also be used, changed, and redistributed more or less freely. However, no license fees may be charged.

April 2021

IT security trends

US cloud use: Supervisory authorities intensify their investigations into data protection violations:

After the end of the Privacy Shield, data transfers from Europe to the USA are now only possible in the rarest cases in compliance with the GDPR. German government agencies now want to carefully examine whether companies are violating EU law by using US cloud services.

Almost 50% of German companies have been affected by cyber attacks during the past year:

According to the “Hiscox Cyber Readiness Report 2021”, the proportion rose from 41% to 46% year-over-year. Compared to other companies internationally, German companies sustained the highest average total costs from cyber attacks. That is why most investments are currently being made in cybersecurity in this country.

The Bundestag passes IT Security Act 2.0:

The amended law is intended in particular to ensure more IT security for critical infrastructures. “Untrustworthy” suppliers may be prevented from expanding their networks in the future. In addition, thanks to its new powers, the BSI is playing a more active role in combating cyber incidents.

BSI: IT security too often falls by the wayside in the boom of people working from home caused by the pandemic:

According to a BSI survey, 58% of companies want to maintain or expand the number of employees working from home, even after the pandemic is over. According to BSI President Arne Schönbohm, IT security has not been given the budgets, processes, and people that it needs.

Report: Mobile devices are the biggest IT security threat to businesses

This is the view of 40% of the companies surveyed for the Verizon Mobile Security Index 2021. The switch to remote work driven by the coronavirus pandemic and the increasing use of mobile devices has increased the size of the virtual attack surface immensely.

US Federal Reserve chief sees cyber attacks as the greatest risk for financial institutions:

In a TV interview with CBS News, Jerome Powell stated: “I would say that the risk that we monitor most closely is cyber risk.” Many governments, corporations and, above all, financial entities have also shared this concern and therefore invested more heavily in their cyber defense.

Study confirms some serious deficiencies in IT security at German hospitals:

More than one-third of the 1,555 hospitals that were examined exhibited shortcomings. Of a total of 1,931 vulnerabilities discovered, over 900 were classified as critical. One-fifth of the hospitals with security deficiencies were critical infrastructure facilities.

Cybercrime

The personal data of 533 million Facebook users was leaked:

The data records, which were posted for free on a hacking forum, mainly consist of phone numbers, but they also include 2.5 million email addresses as well as such personal information as name, gender, date of birth, place of residence, relationship status, and employer.

Cyber criminals put up the data of half a billion LinkedIn users for sale:

The records include publicly available information, such as name, gender, email address, and phone number. According to LinkedIn, however, this data does not contain any private profile data. The entire data collection is expected to fetch at least a four-digit sum at auction.

Data leak at Clubhouse: 1.3 million users are affected:

In contrast to the profile data of Facebook and LinkedIn users that was leaked just a few days before, the Clubhouse records contain neither email addresses nor phone numbers. However, there is still a risk that the published data can be abused for attacks.

Update recommended: Microsoft closes other critical vulnerabilities in Exchange Server:

Microsoft has again released security updates for its email software, this time eliminating four critical vulnerabilities in Exchange Server 2013, 2016, and 2019. The BSI warned companies that they should install the newly released patches as quickly as possible.

Smishing wave: Users are receiving an increased number of fraudulent SMS messages masquerading as shipment tracking numbers:

The BSI warns users to be on the lookout for fraudulent SMS messages about package deliveries and the like. After opening a link, recipients are asked to install an app that is supposedly required for shipment tracking. However, it is actually malware.

Thousands of coronavirus test results have been published on the internet:

Due to a security flaw in a test center website, users were able to obtain the test results for test subjects online without any access restriction, including their personal data, such as name, telephone number, email address, address, and date of birth.

Cyber attack disrupts operations at Lippstadt hospital:

The attack paralyzed the entire IT infrastructure, including the software that was used for patient documentation. As a result, the hospital had to stop admitting patients. It transferred emergency patients to primary care and canceled all scheduled elective surgeries.

DDoS attacks once again bring down the Brandenburg school cloud:

The learning platform used by most schools in Brandenburg and Berlin became inaccessible due to a botnet-based DDoS attack. There had already been outages in January due to a similar attack involving a massive number of unauthorized attempts to access the platform.

Things to know

The end of Privacy Shield and what happens next

Privacy Shield was an informal agreement between the U.S. and the EU intended to ensure compliance with European data protection standards for data transfers to the U.S. Find out more about the reasons for the repeal of the agreement and what you need to consider when working with cloud service providers.

What is a patch?

A patch is a software update for an existing application or operating system to resolve bugs (errors) or vulnerabilities. Good planning and clear processes when it comes to patching are essential for minimizing many cyber risks for companies.

March 2021

IT security trends

Banks need to adapt their cybersecurity strategy to changes in the threat situation:

With increasing digitization, customer needs and virtual attack surfaces have also increased. That is why it is no longer enough to secure only your systems. The security strategy must also include customers and their protection.

Cybersecurity in financial institutions: Not an issue for technology experts alone:

Staff and management should have no reservations when it comes to cybersecurity and should develop a minimum level of understanding of what it entails. This helps to raise awareness and thus improves the level of protection.

The European Council stresses the vital importance of cybersecurity for a digital Europe:

The Council’s conclusions on the recently adopted EU cybersecurity strategy, presented in December 2020, set the key objective of achieving strategic autonomy while maintaining an open economy. To this end, the ability to make autonomous decisions in the area of cybersecurity must also be strengthened.

International study shows that German hospitals need to catch up in terms of digitization:

In an international comparison, the 52 German hospitals surveyed scored well in data protection and data security. However, they lag behind in interoperability and public health, and when it comes to patient orientation and patient-centeredness, they land at the bottom of the list.

E-commerce increasingly under threat from DDoS and ransomware attacks:

To protect themselves from these and other threats, online store operators need to adapt their security strategy. State-of-the-art measures are required to detect, analyze, and defend against attacks. Security and data protection also form the basis for customer trust.

Dark Web Price Index 2021: stolen online banking credentials starting at $40:

Significantly more stolen credit card details and online banking logins were traded on darknet marketplaces in 2020 than in the previous year. Fake ID documents, email databases, malware, and DDoS attack tools are also very popular. Not only the quantity, but also the variety of illegally offered data and goods has increased.

Cybercrime

European Banking Authority (EBA) impacted by Microsoft Exchange attack:

As a result of the wave of attacks on Microsoft Exchange servers that began in early March, Europe’s banking regulator had to take its mail system offline temporarily. According to the government agency, the attack did not go beyond the mail system. It announced a full investigation.

Members of the Bundestag and state parliaments targeted by spear phishing attacks:

According to media reports, cyber attackers have attempted to compromise the email accounts of at least seven members of the Bundestag and 31 members of state parliaments, as well as dozens of political activists. The Russian military intelligence agency GRU is suspected of having been behind the campaign. Security agencies are now warning of possible Russian disinformation campaigns.

136,000 corona test results publicly available on the internet:

Due to a security vulnerability in a service provider’s software for coronavirus test centers, other users’ quick test results were accessible with a normal user account – including personal data such as name, address, date of birth, citizenship, and ID number.

Data breach of Lufthansa’s “Miles and More” frequent flyer program:

As part of an attack on the aviation IT service provider Sita, cyber attackers stole passenger data from Star Alliance partners. Approx. 1.35 million Lufthansa Miles and More customers were also affected by the incident. However, no passwords, email addresses, or other personal data are said to have been stolen.

Cyber attackers hack into 150,000 surveillance cameras at Tesla, police departments, and schools:

The attackers allegedly gained access to the systems of the operator company Verkada by means of login data for a “Super Admin” account that was publicly exposed on the internet. This gave them direct access to tens of thousands of cameras and Verkada’s customer video archive.

Things to know

What is an Information Security Management System (ISMS)?

An information security management system (ISMS) defines policies and procedures to ensure, manage, control, and continuously improve information security in a company.

Internet of Things (IoT) – from vending machines to Industry 4.0:

The Internet of Things is a network of devices and systems connected to the Internet. Each networked object has a unique identifier and can interact with other objects to perform tasks fully automatically.

What is a blockchain? Definition, how it works, benefits and drawbacks:

Blockchains are decentralized lists of records consisting of individual blocks linked using cryptography. In these distributed records, information of any kind can be documented as transactions that are tamper-proof, transparent, and cannot be altered.

Darknet: the dark side of the internet?

All hidden online networks and services are subsumed under the term darknet. It is a part of the internet that can only be accessed via special client software and cannot be found using ordinary search engines such as Google, Bing, or DuckDuckGo.

Opportunities and risks of 5G:

5G stands for the fifth generation of mobile telecommunications. The new communication standard builds upon its predecessor 4G (LTE), but enables significantly faster data transmission with minimal latency and thus entirely new application areas.

February 2021

IT security trends

Industrial plants and critical infrastructure are increasingly experiencing security vulnerabilities:

In the second half of 2020, a total of 449 vulnerabilities were discovered in industrial control systems. 71% of them were exploitable remotely. The most vulnerable are the critical infrastructure sectors of manufacturing, power and water supply.

Cybersecurity in financial institutions: Not an issue for technology experts alone:

Staff and management should have no reservations when it comes to cybersecurity and should develop a minimum level of understanding of what it entails. This helps to raise awareness and thus improves the level of protection.

More than 100 financial service providers were the target of DDoS extortion attacks in 2020:

The cybercriminals threatened to cripple their victims’ websites and digital services until a ransom was paid. In addition to banks, FinTechs, stock exchanges, insurance companies, credit bureaus, asset managers, and other financial service providers were also impacted.

Following the Wirecard scandal: BaFin wants to increase oversight of mobile bank N26:

According to media reports, the financial supervisory authority will in future classify N26 as a financial holding company in order to oversee not only the banking subsidiary, but the entire company. The tighter control is seen as BaFin’s reaction to the Wirecard accounting scandal.

GDPR violations in Germany: 60% more fines in 2020:

Fines across Germany totaled approx. €48 million. The highest fine was issued against fashion retailer H&M at €35.3 million, followed by Notebooksbilliger.de at €10.4 million. The number of fines imposed rose to 301 in 2020, up from 187 in the previous year.

What lessons can companies learn from GDPR fines?

Data protection authorities repeatedly impose fines in the millions as a deterrent, most recently against Notebooksbilliger.de. To avoid such penalties, companies should take data protection seriously and analyze exactly where internal violations of the GDPR might exist.

BSI’s IT-Grundschutz Compendium now includes web applications and vehicle IT:

The BSI has updated its IT-Grundschutz Compendium and added the modules “CON.10 Development of Web Applications” and “INF.11 General Vehicle.” Several of the other 95 Grundschutz modules have been fundamentally revised in the 2021 edition.

Otto CIO: “Digitization will not work without an appropriate level of cybersecurity”:

Despite stagnating IT budgets, investments in security measures must increase because attacks are becoming increasingly complex and threaten business continuity. The topic of cybersecurity should also be regularly discussed and decided at the executive board level.

Cybercrime

Cyber attackers sabotage drinking water supply in the US state of Florida:

Unidentified individuals remotely manipulated the input of chemicals at a water treatment plant. They increased the level of sodium hydroxide in the water to a potentially dangerous level. However, the sabotage was reversed in time.

Security experts: Cyber threat situation remains tense:

The majority (57%) of IT security experts surveyed by eco, the German Association of the Internet Industry, believe that the German economy is inadequately protected against cybercrime. More than three-quarters expect the threat situation to continue to grow.

Ransomware attack on Urological Clinic Munich-Planegg:

The attackers encrypted some of the clinic’s IT systems and demanded a ransom. Apparently, they also gained access to confidential patient records. The public prosecutor’s office in Bamberg is investigating.

Cyber extortionists publish customer data stolen from an internet provider in Kassel:

The leaked data comes from an attack on Netcom Kassel’s customer and communication systems. By releasing the data, the blackmailers wanted to persuade the provider to meet their ransom demand.

Microsoft warns of a new supply chain attack method:

In a “confusion attack,” software packages contaminated with malware can be injected into IT systems by being automatically installed as dependencies. To do this, attackers only need to know the name of internal packages and create packages using the same name and malicious code in public package sources.

“COMB”: Collection of more than 3 billion credentials published:

The “Compilation of Many Breaches” (COMB), which surfaced in a hacking forum, contains compromised login data for email accounts and online services such as LinkedIn and Netflix. A website allows you to check whether your own email address is included in the collection.

Cybercriminals make off with several billion US dollars in cryptocurrencies in 2020:

Last year saw 122 successful attacks on blockchain wallets and exchanges take place. More than a third of the attacks targeted decentralized Ethereum apps. This resulted in damages averaging approx. $9 million per attack.

Things to know

Cybersecurity protects new business models:

During the crisis, more customers have come to appreciate digital banking and payment services. Banks are responding with new products and services. Cybersecurity is essential to remain digitally competitive.

What is DORA (Digital Operational Resilience Act)?

The Digital Operational Resilience Act, or DORA for short, provides for the introduction of a comprehensive regulatory framework at the EU level that includes regulations on digital operational resilience for all supervised financial institutions.

What is the Tor network?

Tor is a network solution for anonymizing communications on the internet. Tor’s technological approach is based on “onion routing,” in which communications on the internet are obfuscated via different and variable routes.

January 2021

IT security trends

IT security deficiencies in over a third of German hospitals:

A survey of publicly accessible network access points at 1,555 hospitals found more than 900 critical vulnerabilities, which can often be traced back to outdated servers and software as well as inadequately secured databases.

BSI study: networked medical devices have an average of 15 security vulnerabilities:

The BSI uncovered a total of 150 vulnerabilities in ten products from five categories, such as insulin pumps and pacemakers. In many cases, the vulnerabilities were not found in the devices themselves, but in the associated infrastructure.

EU imposes more than €306 million in fines for GDPR violations in 2020:

Google and Amazon had to pay more than a third of the fines (around €135 million) in France. The highest number of violations was in Spain, with 76. In Germany, three fines totaling just over €37 million were issued.

Following the Wirecard scandal: BaFin wants to increase oversight of mobile bank N26:

According to media reports, the financial supervisory authority will in future classify N26 as a financial holding company in order to oversee not only the banking subsidiary, but the entire company. The tighter control is seen as BaFin’s reaction to the Wirecard accounting scandal.

An alternative to the Privacy Shield: EU privacy advocates welcome new standard contractual clauses for US data transfers:

The transfer clauses being planned are intended to continue to allow the transfer of customer data from the EU to third countries such as the USA after the European Court of Justice overturned the EU-US Privacy Shield in July 2020. However, data privacy advocates still see room for improvement in some areas.

New BSI standard 200-4: Emergency Management becomes Business Continuity Management:

The revised and modernized 200-4 standard replaces the old 100-4 standard and provides practical guidance on setting up a business continuity management system. It is currently available as a community draft open for comments until the end of June.

Transition of power in the White House: Biden administration makes cyber security top priority:

The new U.S. president has appointed the former NSA director for cybersecurity to his National Security Council, where she will assume the newly created position of deputy national security adviser for cyber and emerging technology. Biden’s predecessor, Donald Trump, entirely eliminated the role of cybersecurity coordinator in 2018.

Cybercrime

Investigators succeed in striking blow against “Emotet” malware:

As part of a concerted international effort, law enforcement agencies have seized and dismantled Emotet’s infrastructure. The malware was considered one of the most destructive in the world. In Germany alone, it caused at least €14.5 million in financial losses.

BKA warns of “significant increase” in DDoS attacks:

According to the German Federal Criminal Police Office, attackers are primarily targeting companies and platforms involved in the remote working and homeschooling sectors. Many attacks are also related to the COVID-19 vaccination campaign.

DDoS attacks on learning platforms impact online classes:

In many German states, digital distance learning did not start as planned. In addition to technical defects, DDoS attacks were the main cause of a number of learning platform outages. Denial of service attacks hit systems in Brandenburg, Rhineland-Palatinate, and Saarland.

SolarWinds hack: German government agencies and companies also potentially at risk:

SolarWinds products are used in at least 16 federal agencies and ministries. However, according to the federal government’s current information, there has been no unauthorized access to federal administration systems via the Sunburst Trojan.

Investigators take down world’s largest darknet marketplace:

With nearly 500,000 users, over 2,400 sellers, and more than 320,000 transactions with a combined value of approx. €140 million, DarkMarket was considered the largest illegal marketplace in the world. It was mainly used to trade in drugs, counterfeit money, stolen credit card data, and malware.

Beware of targeted phishing attacks on high-level executives:

An ongoing phishing campaign is attempting to use social engineering to obtain credentials from C-level managers. Potential victims receive a deceptively real-looking email claiming that their Office 365 password is about to expire.

Things to know

Corona: increasing security and liability risks:

Digitalization, accelerated by the pandemic, provides opportunities for new business models and more flexible ways of working. This is, however, accompanied by the threat of massive security and liability risks. While the focus has so far been primarily on business continuity, security should be at the forefront in 2021.

Digital protection of vaccination campaigns creates trust:

Corona vaccination campaigns have begun in many places. Protecting the digital processes created for this is crucial for success.

IT security as outsourcing according to MaGo and section 32 VAG

In the insurance industry, processes traditionally provided by the insurance company itself are frequently outsourced. The regulatory requirements for this are defined in MaGo (Minimum Requirements for the Business Organization of Insurance Undertakings) and section 32 VAG (Insurance Supervision Act). In practice, these requirements ensure that only highly certified providers with industry experience are considered for outsourcing in line with compliance requirements.

Find out more

 

What is whaling?

Whaling is a variant of (spear) phishing that targets chief (‘c-level’) executives. Attackers use elaborately crafted emails in an attempt to persuade their victims to disclose valuable confidential data or authorize the transfer of large sums of money.

Find out more

December 2020

IT-Security-Trends

Discussions about IT Security Act 2.0 Are Ongoing:

The German cabinet has approved a controversial package of laws designed to ensure greater IT security – especially for critical infrastructure. However, critics still see considerable shortcomings in the legislation currently being drafted.

Find out more

 

“Amnesia:33”: New Vulnerabilities Discovered in Millions of IoT Devices:

Security researchers are issuing warnings about security vulnerabilities, some of them serious, in networked medical and industrial devices. Products from at least 150 suppliers worldwide are affected. The vulnerabilities result from a faulty implementation of the TCP/IP internet protocol.

Find out more

 

Escalation of Cyberattacks on the Financial Industry:

Latest research shows that nearly two-thirds of financial institutions have been affected by cyberattacks in the past twelve months. The coronavirus pandemic is expected to further exacerbate this trend.

Find out more

 

Password Security Is Still Coming Up Short:

Many people continue to underestimate the importance of a complex password for protecting private or business data. According to a list compiled by the Hasso Plattner Institute, the most popular passwords in 2020 include the classics “123456” and “password” as well as “iloveyou”.

Find out more

 

Lowering Costs with Compliance: Revised Version of MaRisk Provides Opportunities:

The sixth revised version of MaRisk offers medium-sized and small financial institutions in particular, which are organized in network structures, lucrative starting points to avoid additional regulatory effort and thus lower costs.

Find out more

 

Cybercrime

 

Sunburst Trojan Infects Over 18,000 Organizations, Government Agencies, and Businesses:

The malware spread via the update servers of an IT management software application. In addition to large companies, government agencies and federal departments in the USA are also heavily affected. The Russian state-backed hacker group APT29 is suspected of being behind the attack.

Find out more

 

COVID-19: Vaccine Companies Targeted by Cybercriminals:

Hackers have attacked the European Medicines Agency (EMA). They acquired vaccine documents from BioNTech and Pfizer. Interpol and security experts warn of further attacks on vaccine developers and vaccine logistics chains.

Find out more

 

Cyberattack Paralyzes German Dax Stock Index Aspirant Symrise:

According to the company, the attackers planted a virus in the company network “with extortionist intent”. As a result, large parts of production had to be temporarily halted.

Find out more

 

Security Breaches in Medical Practices Put Patient Data at Risk:

Improperly inserted connectors enabled security researchers to trick the telematics infrastructure into thinking they were a doctor’s office. This gave them access to all the electronic patient files of the affected practices without having to enter a password.

Find out more

 

330,000 Faked Interactions for 300 Euros

A recent NATO study shows how little effort is required for targeted manipulation in social networks. Troll factories are able to generate high interaction rates at very low cost. The protective mechanisms of Facebook, Twitter, Instagram, and the like are largely ineffective.

Find out more

 

Cybercrime Incurs Costs of Over One Trillion US Dollars:

In 2020, cybercrime will cost the global economy more than one trillion US dollars. The costs are largely incurred as a result of direct damage and the associated consequential costs, but there are also expenses for IT security.

Find out more

 

Things to know

ISO 27001 vs. ISO 27001 Based on IT-Grundschutz

ISO 27001 and ISO 27001 based on IT-Grundschutz (IT baseline protection) define a framework and describe a concept for implementing an information security management system (ISMS). The standards are similar in principle but have significant differences in detail.

Find out more

 

Cybersecurity: What Awaits IT Decision-Makers in 2021

Myra Security looks back at the year’s most defining IT security trends and dares to look ahead to the challenges and digital threats IT decision-makers will be facing in the coming year.

Find out more

November 2020

IT-Security-Trends

Cyber insurance: DDoS and blackmail cause the most expensive damage:

While external attacks account for the majority of the damage, internal incidents are the most common cause of cyber damage. Security service providers can help to increase the level of protection, thereby lowering cyber risks and insurance premiums.

Find out more

 

Out of the crisis and into the cloud:

In the future, companies will increasingly depend on how quickly and how well they are able to make use of cloud and remote work solutions. Forrester analysts forecast that there will be increased investment in these new technologies in 2021.

Find out more

 

U.S. authorities warn of attacks on the healthcare system:

U.S. security agencies are warning of an acute threat to the healthcare system from ransomware attacks. Eastern European hacker groups are said to be primarily responsible, and they sometimes use the Ryuk and Conti encryption trojans to perpetrate their attacks.

Find out more

 

Coronavirus puts cybersecurity at the top of the agenda:

A current study by the consulting firm PwC shows that due to the increased threat situation resulting from the coronavirus pandemic, the topic of IT security is becoming more important for companies.

Find out more

 

New Standard Contractual Clauses (SCC) as a replacement for Privacy Shield:

In order to create a legally secure basis for transatlantic transfer of data between the EU and the U.S., the EU Commission is working on revised SCCs. In particular, the data protection requirements that the ECJ has specified in the Schrems II ruling should be taken into account.

Find out more

 

Cybercrime

 

DDoS attack troubles British broker:

The services of the British financial services provider Trading 212 temporarily became unavailable as a result of a DDoS attack. According to the fintech company, no customer data or stock portfolios were compromised by the failure.

Find out more

 

You can’t rely on honor among thieves:

Cyber criminals are increasingly reselling data stolen by ransomware to the highest bidder on the darknet, even if the victim has paid up.

Find out more

 

Contract hackers target the financial industry:

Security researchers have come across a large-scale APT campaign in which hackers systematically penetrated the systems of South Asian financial institutions. It is not known who hired the digital mercenaries.

Find out more

 

Outdoor apparel manufacturer North Face is resetting customer passwords:

Due to a massive credential stuffing attack, North Face was forced to reset the passwords for its customers and the payment tokens stored in the accounts for security reasons.

Find out more

 

DDoS attack paralyzes RKI website:

The Robert Koch Institute website went down for several hours. The failure was caused by a botnet-based DDoS attack. It has not yet been discovered who is behind the attacks. However, it is believed that no data was leaked as the result of the attack.

Find out more

 

Struggle against criminal trading platforms:

Federal Justice Minister Christine Lambrecht wants to take action against criminal marketplaces on the internet and darknet. In order to combat the trafficking in arms, drugs, and pornography, the responsible government agencies will increasingly utilize online raids and “state trojans” going forward.

Find out more

 

Doxing: Minimizing data exposure is the best protection:

In Germany, the first judgment for doxing was recently handed down. A 22-year-old had collected the private data of numerous celebrities and published it online. This case demonstrates the importance of protecting our confidential data and digital identities.

Find out more

 

Things to know

Myra Security receives an 8-figure investment:

The German cybersecurity company Myra Security and Round2 Capital have been working together for about a year, and now they have decided to expand this partnership. Myra Security will receive over ten million euros in new funding.

Find out more

October 2020

IT-Security-Trends

Cyber warfare: U.S. military succeeds in strike against the TrickBot botnet:

The U.S. Cyber Command has temporarily disrupted the botnet allegedly controlled by Russian cyber criminals to prevent it from impacting the U.S. presidential election.

Find out more

 

BSI [BSI = Federal Office for Information Security] situation report: “Risk situation in the area of critical infrastructure remains at a high level”:

Operators of critical infrastructure see themselves exposed to cross-sector attacks, particularly DDoS and ransomware. Complex DDoS attacks on banks have caused disruptions in payment transactions. Successful defense requires protective measures on all the relevant levels.

Find out more

 

IDC study: Companies are investing more in securing their employees’ home offices:

38 percent of respondents have increased their budget for this purpose. 37 percent consider network security to be the most important issue of 2020. Security incidents have already occurred in more than three quarters of the companies surveyed.

Find out more

 

DsiN [DsiN = Germany Safe on the Net] Practice Report 2020: 46 percent of all SMEs affected by cyber attacks:

In three out of four cases the attacks led to detrimental effects. Yet few companies are actively improving their digital defenses. There is a need to catch up, especially in the implementation of operational security measures.

Find out more

 

Bitkom: Expenditures for IT security grow by 5.6 percent:

In the current year, investments in Germany will likely reach €5.2 billion, which would be a new all-time high. Services account for the largest share of the total market at 55 percent or €2.8 billion.

Find out more

 

BKA [BKA = Federal Criminal Police Office]: Number of cybercrime cases increases by 15 percent:

According to the Federal Situation Report 2019, the police registered a total of 100,514 cases in Germany. Ransomware attacks, which are often accompanied by data theft, continue to pose the greatest threat. Scammers also took advantage of the general interest in COVID-19 information.

Find out more

 

Cybercrime

 

Russian hackers steal data from U.S. government agencies:

According to the FBI, dozens of municipal and state government networks were attacked. Data is said to have been stolen from at least two servers. State-supported actors are suspected of being behind the attacks.

Find out more

 

Software AG becomes the target of malware attack and data theft:

The Darmstadt-based company had to temporarily shut down its in-house systems. The attackers also stole data that has since become public. According to the company, the costs for combating the attack have so far amounted to approx. €5 million.

Find out more

 

Google reports the largest known DDoS attack to date:

The attack had a peak bandwidth of 2.54 terabits/s and was launched by a state-supported actor from China. The incident occurred in September 2017, but was only just published by Google in a report on DDoS attacks on its infrastructure.

Find out more

 

Cyberbunker trial against operators of darknet infrastructure begins:

A computer center in a bunker facility in Traben-Trarbach in Rhineland-Palatinate is said to have been responsible for at least 249,000 criminal offenses, including trafficking in drugs and counterfeit money. The proceedings before the Trier Regional Court are concerned with clarifying the responsibility and involvement of the accused operators.

Find out more

 

Insider attack on asset manager Scalable Capital:

The Munich-based start-up reported “unlawful access” to strictly confidential customer data. In addition to contact information, it is alleged that, among other things, securities statements, tax and account numbers, and identification data were leaked. At least 23,000 customers are affected.

Find out more

 

Finland: Attackers steal medical records of thousands of psychotherapy patients:

Affected are patients of Vastaamo, a private provider. Like the company itself, many of them have reported blackmail attempts. A 10 GB file containing notes from therapy sessions is said to be circulating on the darknet.

Find out more

 

Best practices, defense, and mitigation

Financial Stability Council gives recommendations for action on how to deal with cyber incidents:

The report “Effective Practices for Cyber Incident Response and Recovery” is a toolkit for financial institutions. It includes 49 recommendations on how those impacted by a cyber incident can restore their ability to operate.

Find out more

September 2020

IT-Security-Trends


Cybercrime

DDoS blackmailers attack in the name of “Fancy Bear”:

Cybercriminals pretending to be the Fancy Bear hacker group are blackmailing German companies into paying large ransoms. Those failing to heed the attackers’ demands face the prospect of critical DDoS attacks.

Find out more

 

Massive DDoS attack on Hungarian banks and Magyar Telekom:

According to the telephone company, it was one of the biggest hacker attacks ever perpetrated in Hungary, in terms of both scope and complexity.

Find out more

 

Data breach at US hospital: Medical records and personal information of 6,000 patients stolen:

The stolen records include name, date of birth, detailed medical records, and in some cases, insurance information and social security numbers.

Find out more

 

Didn’t care much for online classes: 16-year-old high school student disrupts school with a simple DDoS attack:

The teenager from Miami used the open source “Low Orbit Ion Cannon” stress testing tool to overwhelm the school district’s inadequately secured networks.

Find out more

Things to know

The Myra platform at a glance

The Myra Security-as-a-Service platform is conceived as a comprehensive protection concept for securing digital business processes. The individual solutions interact seamlessly to ensure robust IT security, performance, and certified compliance.

Find out more

August 2020

IT-Security-Trends

Data breaches are costing the German financial industry dearly:

According to a study by IBM, no other industry has recorded such high levels of damage related to data breaches and cyber attacks as the finance sector.
Find out more

Hospital law of the future: German government focuses on IT security:

The German government plans to spend three billion euros to advance the digitization of hospitals. The funding requires that hospitals focus on IT security during the digital transformation.
Find out more

There is no IT security without awareness:

If you want to strengthen cybersecurity in your company, you cannot rely on technical solutions alone. Employees must also be brought up to speed on the subject so that the right strategic response is made in the event of an attack.
Find out more

The challenge of IT outsourcing in the financial sector:

The trend toward outsourcing IT security to specialist providers is continuing. Especially in the financial sector, however, the regulatory requirements for outsourcing of this kind are being increasingly scrutinized by BaFin. This will also have an impact on insurance companies.
Find out more

Quantum computing entails opportunities and risks:

Innovative quantum systems calculate the complex risk models and optimization tasks of banks and insurance companies in the shortest possible time. However, the Federal Association of German Banks (BdB) warns that the technology can also be used to defeat commonly used encryption methods.
Find out more

Cybercrime

Encryption Trojan with affiliated leak platform:

The novel Conti ransomware not only encrypts the data of its victims but also threatens to publish the victims’ data on a publicly accessible platform.
Find out more

Travel operator CWT pays $4.5 million to get its data back:

As part of a ransomware attack, the US business travel operator was forced to pay the equivalent of US$ 4.5 million in Bitcoin.
Find out more

A million-dollar bribe for an attack on Tesla:

Cybercriminals offered an employee at the Tesla factory in the US state of Nevada a million-dollar bribe. In return, he was to infect the factory’s systems with malware. However, the employee demonstrated loyalty and reported the incident to his employer. The FBI is now investigating the incident.
Find out more

Best Practice, Defense & Mitigation

Catching up on the backlog of IT security in hospitals:

In healthcare, another critical infrastructure (KRITIS), BSI attests to weaknesses in organizational measures for cybersecurity. There is nothing to criticize in the technical implementation of security measures, but an IT-specific security culture is lacking. This manifests itself in incomplete risk management, insufficient network segmentation, and outdated Windows operating systems.
Find out more

Checking IT service providers more closely:

Raimund Röseler, Executive Director of Banking Supervision, is in favor of direct control rights and sanctions against IT service providers. This is the only way BaFin can ensure that strict compliance guidelines are adhered to in the ongoing trend toward IT outsourcing:
Find out more

Things to know

The Myra platform at a glance: Web Application Security:

Injection attacks, malware attacks, manipulative bot requests, and more: online services today are exposed to a wide range of threats that need to be systematically addressed. As an upstream protective wall, Myra Website Application Security protects the web applications of companies and government agencies from all of these kinds of attacks.
Find out more

The Myra platform at a glance: Web Intelligence:

Find out more

July 2020

IT-Security-Trends

Social Engineering: What the Twitter Hack Shows Us:

Attackers have successfully hacked countless celebrity and corporate accounts on Twitter and used them for bogus spam messages. This was not due to a vulnerability in Twitter’s systems, but to a successful social engineering attack on one of the service’s employees. You can find out more about the attack here:
Find out more

Digitization in Health Care in Demand as Never Before:

International studies have shown that patients are increasingly demanding digital treatment methods such as telemedicine, health apps, and AI-supported diagnostics programs. The basis for successful digitization in the health care sector, however, is IT security, data protection, and compliance.
Find out more

Apart from Critical Infrastructure, Infrastructure Providers Are Often Easy Prey:

Hackers have succeeded in stealing and releasing customer and employee data from an energy supplier in Mainz. Like many other municipal providers, which due to their size do not fall within the definition of critical infrastructure, the company does not have to meet the high standards set out in German IT security legislation.
Find out more

Ransomware Security Measure Hobbles Lower Saxony’s Tax Offices:

In order to avoid being infected by Emotet and other types of malware, the tax authorities of Lower Saxony have since the beginning of the year stopped processing e-mails with file attachments or links. A secure environment for the quarantined opening of such content is presumably in the test phase.
Find out more

Cybercrime

Credential Stuffing: The Underrated Risk:

Even in spectacular security breaches, hackers don’t usually overcome any technical security hurdles, but instead often simply misuse normal login details.
Find out more

Windows POS Malware Uses DNS to Steal Credit Card Information:

A new type of malware uses the DNS protocol to steal credit card data and payment information from cash register systems without being detected. The stolen information can be used directly for transactions or even to clone credit cards.
Find out more

Cybercrime: What’s behind Digital Crime?

With increasing digitization, cybercrime continues to gain momentum and causes billions in damages to the economy, government, and society at large. Learn more about the multilayered threat from the Internet here:
Find out more

GDPR Shows Its Teeth:

Last year, about two-thirds more breaches of the General Data Protection Regulation were reported in Europe. In most cases, the violations involved unauthorized access to personal data through cyberattacks, tampering and sabotage, and the loss of non-secured mobile devices and laptops.
Find out more

Things to know

The Myra Platform at a Glance: Multisite Load Balancer:

Delayed access or even total failure of web applications and online services are unacceptable in a professional environment. Multiple redundant server systems and data centers provide a remedy for such problems. Without smart distribution of access, however, even such concepts are of little help.
Find out more

The Myra Platform at a Glance: Content Delivery Network:

What counts most on the Internet are speed and stability. If, in contrast, there are delays in loading websites or using web applications, most users leave after a few seconds and look for alternatives. That’s why companies cannot afford to sacrifice performance when doing business online.
Find out more

The Myra Platform at a Glance: DDoS Protection:

Myra DDoS Protection is an integral part of our certified Security-as-a-Service platform. The solution, developed and operated in-house, reliably and fully automatically protects web applications, websites, DNS servers, and IT infrastructure.
Find out more

June 2020

IT-Security-Trends

With Cybercrime as a Service, digital attacks become a service:

Anyone who now wants to digitally target companies no longer has to get their fingers dirty. Cyber attacks are offered as a service on the Darknet.
Find out more

DNS attacks cost companies an average of EUR 920,000:

In Germany, the financial harm caused by DNS-based attacks on companies amounts to an average of EUR 920,000. According to IDC, phishing and DDoS attacks are among the most common types of attack.
Find out more

Why captchas alone are not enough:

Captchas protect web applications from malicious access by bots and spammers. However, the plus in security comes at the price of disadvantages in accessibility and usability. The little image and audio puzzles also present an obstacle for some human users.
Find out more

Incomplete digitization in the insurance industry:

According to a recent YouGov study, insurers score only average on the digital transformation. While data protection and IT security were rated by the majority, there were shortcomings in the user experience.
Find out more

Social engineering and phishing in perfection:

Cybercriminals forge business e-mails and websites with ever increasing precision. At first glance, the malicious fakes cannot be distinguished from the originals. Awareness and a trained eye are required to reliably spot phishing.
Find out more

SMEs underestimate the risks:

German small and medium-sized enterprises are increasingly becoming the focus of cybercriminals. Compared to larger companies, however, medium-sized companies are rarely reliably protected against attacks, and there is often a lack of awareness of the problem.
Find out more

Cybercrime

Major raid against users of Darknet platform:

More than 1,400 police officers throughout Germany were involved in a major raid against users of Crimenetwork, the illegal online platform. In over 200 searches, more than 300 TByte of data material was seized, allegedly providing evidence of drug and arms trafficking, botnets, credit card abuse, and other crimes.
Find out more

Computer virus shuts down Berlin Court of Appeal for nine months:

The majority of the roughly 150 judges of the Berlin Court of Appeal have been unable to work for about nine months because their recently purchased laptops cannot be securely connected to the court’s internal network due to a lack of VPN (via Fefe).
Find out more

Financial service providers in BaFin’s sights:

In its journal, the Federal Financial Supervisory Authority (BaFin) regularly draws attention to shady characters on the financial market who have attracted attention through questionable products and illegal practices. The black sheep at a glance:
Find out more

Things to know

IT Security Act: Big update coming up:

The IT Security Act is getting a major update in order to bring the catalogue of requirements and also the BSI itself into line with the current level of threat. In essence, the current draft law for IT Security Act 2.0 provides for an active protective role of the BSI for the government, economy, and public.
Find out more

SOC: Where all threads of cybersecurity come together:

In the Security Operation Center (SOC), IT specialists continuously analyze and evaluate all security-related data of corporate IT. The SOC’s primary task is to proactively identify and close possible vulnerabilities in systems and to actively initiate countermeasures in case of cyber attacks.
Find out more

May 2020

IT-Security-Trends

Cybercriminals exploit corona crisis for attacks:

While COVID-19 is causing a global state of emergency, cybercriminals and hacker groups are taking advantage of the situation to target critical services. In addition to the public sector, the healthcare and financial industries are also affected by the attacks:
Find out more

Credential stuffing is increasingly becoming a problem for banks and payment service providers:

The systematic misuse of login data on the internet is one of the most frequently used tools of attack for cybercriminals. Online scammers are mainly looking for lucrative access for banking and payments.
Find out more

The Association of German Banks (BdB) sees a need for action:

Banks must expect much more sophisticated cyber attacks in 2020 than in the past. This is why coordinated measures for more IT security and industry-wide cooperation are now required:
Find out more

Mobile on the move:

Security-critical applications from the banking sector are also increasingly being used on mobile devices. It is important to create secure platforms for financial services there:
Find out more

Cybercrime

Supercomputers under fire:

A number of European high-performance data centers had to disable access to their supercomputers due to hacker attacks. The SuperMUC facility at the Leibniz Supercomputing Center in Garching, the Hawk high-performance computer at the Stuttgart HLRS, and the Jureca system in Jülich were also affected. The background to the cyber attacks is currently still unclear:
Find out more

Major attack on WordPress:

In a large-scale attack campaign, a hacker group targeted over 900,000 WordPress websites. The sites were to be taken over by cross-site scripting (XSS).
Find out more

Best Practice, Defense & Mitigation

Remote work requires security by design:

Working safely away from the office is commonplace in times of corona. User-friendly IT security provides practical protection.
Find out more

IT Security Act 2.0 makes BSI a powerful cyber authority:

The new draft for an expanded IT Security Act provides for the retention of log data, among other things. The office is also to be expanded by about 600 positions, according to plans by Federal Interior Minister Horst Seehofer (CDU):
Find out more

Cybersecurity and business must work in harmony:

Gartner analysts are calling for decision-makers to make IT security a business-critical area in companies. After all, cybersecurity decisions have a direct impact on business results – not least because of the impact of the corona pandemic:
Find out more

Things to know

What exactly does the BSI do?

The Federal Office for Information Security (BSI) is committed to the protection of IT systems in government agencies, companies, and private households. Find out what they do in detail here:
Find out more

There will be cybercriminals for as long as the money keeps rolling in:

Digital attackers usually act out of monetary interests. Current studies show that in 9 out of 10 cases cyber attacks are financially motivated:
Find out more
