What is it, who is behind it and how can I protect myself? We asked Gilbert Lange, Digital Project Manager, about this.
It affects private companies, hospitals and municipal facilities. Now the Potsdam city administration is also offline for weeks after a cyberattack, and the Tagesspiegel newspaper reports: Berlin is also under threat. “The door to the state network is open and nobody notices when someone comes in,” an IT expert is quoted as saying. Everyone is talking about cyber attacks, but what exactly are they?
UVA explains: Cyberattack for dummies
First of all: The word
Cyber goes back to the ancient Greek word κυβερνητικός “cybernetic”. This gave rise to the term cybernetics: the control and regulation of machines and/or social organizations. Today, “cyber” often stands for computer applications in general.
What is a cyberattack?
Sounds like aliens in the flesh, but attackers and attacks are usually invisible. What happens: A digital system, for example a website, is virtually entered by unauthorized persons who manipulate it and do things here that harm the actual operator and user: Disrupt functions, shut down or steal data / data theft.
How does such an attack actually work?
There is always danger wherever data is transferred from the outside to the inside. Entry points are created via program errors or vulnerabilities (in the source code) through which the attacker gains access to the system. For example, via forms used by an administration: No name or subject is entered, but the code for a virus. The most common point of entry, however, are e-mails or data carriers such as USB sticks from home. You bring it with you because, for example, the administration is currently offline due to an alarm (so the cat bites its tail), and suddenly there’s a virus on it that you didn’t even know you had at home that has made it into the town hall this way.
How is a cyberattack detected?
One indication may be that a conspicuously large amount of data transfer is measured at unusual points or in unusual directions. The IT alarm system should also be triggered if an incorrect password is entered unusually often. However, there is also the strategy of attackers to overload the security system in order to penetrate undetected in the chaos.
The motives: Who does this and why?
- Because you can, as a challenge or for the pleasure of vandalism.
- Out of revenge, because you are a disappointed user and now want to harm the administration or relieve frustration.
- As blackmail: In return for a ransom payment, for example, the victim receives a code with which they can retrieve their data or unlock their system.
- In war, to inflict maximum damage.
How can you protect yourself?
The best prophylaxis is good staff and good technology, seamless support and maintenance. Mandatory or recommended updates should always be carried out immediately. Unfortunately, there are always security gaps that are completely new and unknown. Last but not least: good password protection is immensely important! After all, humans are still the biggest weak point.
