You can find the article on DTS in the "Neue Westfälische Zeitung" newspaper here in the PDF/print version and here in the web version (in German only).
Attacks from the Internet: How to Protect yourself
Herford, Germany. Companies and public administrations are subjected to attacks every day. The perpetrators do not come armed with knives or pistols, but use much more subtle methods – over the Internet.
They cause chaos with the help of viruses, worms and trojans. A single cyberattack is enough to cripple a company's systems. The only way to minimize the damage is provide for effective protection.
"Our network is subjected to several hundred attacks every hour," states Réne Scherer, Marketing Director at Steute Schaltgeräte. Defense against attacks like these from the network has long been part of our everyday work at the company. "We have a member of the IT staff who spends several hours a day dealing with cyberattacks," states Scherer.
According to Andreas Schürkamp, Technical Director at the Herford-based company DTS-Systeme GmbH, which has established itself as a specialist in IT security throughout Germany, the number of attacks from the network has not only increased, but the quality of the attacks is also increasing. Criminals often use spam mails or the what are called DDoS attacks (Distributed Denial of Service).
Spam mail is the term used to describe unwanted messages which are usually transmitted electronically and are sent to the recipient without being asked for. They often contain links or attachments that can damage a computer system. "In the past, you could tell at a glance whether you had received a spam mail simply from the poor spelling," states Schürkamp. "These days, the perpetrators are much more professional."
For example, an email disguised as a message from the management ends up in the accounting or marketing department - one of employees there opens the attachment or clicks on a link and by doing so infects the company's computer system. "These mails can also contain viruses, trojans or worms. In any case, something that paralyses the system," states Schürkamp. In case of doubt, staff should carefully check the sender's address and only open attachments after asking.
Good Spam filter Essential
"In order to protect yourself against spam and the malicious code contained in the mail, good verification mechanisms are vital," states the IT security expert. Software or services exist which help to stop spam mails ever being delivered or which filter out unwanted links and attachments.
Reinhold Harnisch, Managing Director Local Govt. Data Centre (LGDC) in Lemgo, also believes IT protection to be essential. The emails that City of Herford and all other municipalities in the districts of Herford, Minden-Lübbecke and Lippe receive, for example, end up on the LGDC server. "We filter 96 percent of spam out of local government emails," states Harnisch.
Opening spam is always a potential danger. For example, malware can rob a computer of its processing power. "The computer can also be interconnected with many thousands of other computers and used for major attacks," states Harnisch. Experts speak of a bot network in this context. Such attacks are known as DDoS attacks.
Denial of service in information technology refers to the unavailability of an Internet service that should actually be available. Reasons for this can be to overload the data network or as a targeted attack by cyber criminals where an overload is deliberately brought about.
According to Andreas Schürkamp, server operators are even being blackmailed into paying money to regain access to their Internet services.
"The perpetrators work on the basis of fear. Sometimes simply the threat to paralyze a service is enough to force companies to pay," states Schürkamp. Usually the perpetrators insist on being paid in Bitcoins, an online currency that cannot be traced.
In the meantime, DDoS attacks like this are being offered for sale on the Darknet and in other places. Buyers can use these services to harm competing companies. "And it doesn't even have to be financial harm. Sometimes a site which has gone offline leads to a resulting loss of image for the company concerned", explains Schürkamp.
However, protecting yourself against such attacks is always possible. "Defense mechanisms are available for all scenarios," states the expert. "However, they need to be implanted as a preventive measure. In the aftermath of an attack there is usually nothing left to save."