Those who do not protect themselves are putting their livelihood at risk
Hacker attacks and cybercrime have become an acute threat that can hit any company without warning. Thriving German SMEs are increasingly being targeted by criminals. (This article by nicos CEO Robert Holm was published as a guest article in MARKT and MITTELSTAND.)
It's every company's nightmare: the IT system goes on strike and no longer allows access. Instead, the following message appears on the screen: "Your data is encrypted!" This terrifying message is usually accompanied by a request to pay a high ransom, often in the tens of millions, in order to regain control of the data. Those affected are then faced with the difficult question of how to deal with the blackmail. But no matter what they do, there is no certainty that it will all end well.
Data thieves do not even stop at authorities and public institutions: the case of the district of Anhalt-Bitterfeld, which had to shut down most of its work and services in the summer after criminals paralyzed the computer system, whereupon the district administrator declared the first cyber disaster in the history of Germany, attracted particular attention.
According to a recent study by the IT industry association Bitkom, cybercrime now causes annual losses of more than 220 billion euros to the German economy. This is roughly twice as much as two years ago. Nine out of ten companies were affected by IT security incidents in 2020/2021. The media group Funke, automotive supplier EDAG, food retailer Tegut, switchgear manufacturer Schmersal and Aerzener Maschinenfabrik were among those severely affected, as reported in various media.
Last but not least, companies are threatened by the fact that their own employees are a particularly common gateway for cyberattacks. Criminals specifically use the "human factor" as the supposedly weakest link in the security chain, for example, to gain access to passwords or infiltrate malware. For example, harmless-looking PDF files sent as email attachments can infect an entire IT system - often completely unnoticed by the affected company until the blackmailers get in touch. As a rule, the blackmailers spy on the company virtually for weeks or even months before they then strike seemingly out of nowhere and threaten to paralyze the system, destroy data or make their demands. At this point, they are well informed about their victim, including their solvency and cash holdings.
As large corporations have increasingly protected themselves against such incidents in recent years by setting up powerful IT departments, successful SMEs are now increasingly being targeted. Many of them continue to underestimate the threat of cybercrime. Yet effective protection is essential, not only for self-protection, but also because the ability to demonstrate IT resilience is often already a prerequisite for participating in tenders or using insurance cover.
Companies should therefore not take any unnecessary risks, but take action: A cyber defense assessment, carried out by experienced IT security specialists, is a sensible first step. This allows serious security deficiencies to be uncovered quickly. The aim should be to develop an efficient defense strategy based on a complete package of measures for prevention, detection and response.
Today, effective defenses are essential to protect SMEs. Before it is too late, because there are increasing signs that the acute danger of cyber extortion will not disappear, but will remain a permanent threat. Permanent vigilance through 24/7 monitoring of the IT landscape is a prerequisite for effective protection.
*This article by nicos CEO Robert Holm was published as a guest article in MARKTundMITTELSTAND:
https://www.marktundmittelstand.de/zukunftsmaerkte/wer-sich-nicht-schuetzt-setzt-seine-existenz-aufs-spiel-1299101/
Further information: www.nicos-cdc.com