Professor Eckert, as information and network technologies continue to spread, they are simplifying our personal lives and increasing the competitiveness of companies. But security threats from cyber attacks are increasing too. Can we still trust the Internet and our communication media?
Prof. Dr. Claudia Eckert: It’s true that cyber attacks are increasing at a tremendous rate in aggregate terms. And that’s not all; their focus is changing as well. Instead of being relatively indiscriminate in their targeting, they’re now more focused on individual companies or even individuals. According to an analysis conducted by the German Engineering Association (VDMA), the damages incurred by companies whose know-how was siphoned off or whose products were copied, for example — amounts to more than eight billion euros per year for German engineering firms alone. Other studies estimate the damage from cyber attacks, such as identity theft, theft of information, manipulation, etc., to be at least 575 billion dollars worldwide, with the number of unreported cases believed to be very large. Cyber crime is now thought to be more profitable than the international narcotics trade.
How do cyber criminals generally operate, and what is their objective?*
Eckert: In addition to pilfering information, cyber intruders from the sphere of organized crime often try to blackmail their victims. For example, the purpose of an attack may be to encrypt local, internal company databases, and the key to decrypt them will only be given in exchange for a ransom. Another common type of attack is an “advanced persistent threat” or APT. An APT is malware that is specifically tailored to the system it attacks. It generally contains complex malware features and embeds itself deep inside the compromised system. An APT usually uses a known vulnerability as its point of entry and penetrates deeper from that point. It typically conceals its presence from known methods of detection. An APT can therefore often be active in a system for very long periods of time, for months or even years, before the malicious code is uncovered. Advanced persistent threats usually scout out data and send it to special servers, but they can also deliberately manipulate systems. In addition, there is identity theft, i.e., stealing passwords or other credentials. Another common problem is that the level of security consciousness among company staff and the general public is low or nonexistent.