From system hardening and network zoning to active security monitoring

This blog article reproduces the presentation by Ralf Kempf at the event “Cybersecurity for Maritime Infrastructures” organized by Maritimes Cluster Norddeutschland e.V. (“Northern German Maritime Cluster”, held October 30, 2019, in Bremerhaven).

Today, cyberattacks on companies can easily cause damage in eight or even nine figures. Such attacks often take the form of spam e-mail, written with perfect spelling and grammar, that appears to have been sent by a colleague or a friend. The recipient is usually instructed to click a link or enter a password. And then it’s already too late: The malware spreads throughout the company.

Yet companies can protect themselves even against such professionally prepared attacks. I repeatedly encounter cases where companies spend lots of money on physical access protection, but leave all doors wide open when it comes to e-mail. If someone wants to enter the building, they have to show their ID – but anyone can gain access via e-mail or USB stick. There will always be an employee who clicks an enticing link – that’s just human nature – but it’s negligent for companies to give them the opportunity to do so in the first place. IT security can be vastly improved with just a few, very simple security precautions. You could prevent e-mails with Office attachments from being delivered right away, for example. Instead, these e-mails could initially be placed in quarantine for review. Another simple step is the deactivation of macros. In short, companies should always ask the following key question:

Continue reading →