interview
Status: 11/30/2022 4:06 am
Cyber criminals are endangering the security of Germans like never before. The greatest danger for computer security does not come from virtual hacker attacks, says expert Resch – but from people.
The situation report of the Federal Office for Information Security paints a bleak picture. The danger posed by cybercriminals and state actors is higher than ever in Germany.
How can infrastructures be protected? The first line of defense for IT security is still a locked door, says Michael Resch from the High Performance Computing Center Stuttgart (HLRS) in an interview tagesschau.de. With “Hawk”, the HLRS operates one of the most powerful supercomputers in the world.
The supercomputer “Hawk”
It takes up around 120 square meters of space, cost 38 million euros and is one of the most powerful computers in Europe: The computer at the high-performance computing center at the University of Stuttgart has a computing power of 26 petaflops – one petaflop represents one quadrillion arithmetic operations per second. For comparison: A PC with a 1 gigahertz processor can “only” carry out one billion operations per second.
“Hawk” can be used in various research projects, for example in the calculation of climate models or in the field of artificial intelligence. It is also intended to advance industrial applications and, for example, improve aerodynamics in aircraft and automobile construction or make wind turbines more efficient. Because many research projects are first simulated in computers instead of building prototypes directly and then carrying out measurements.
tagesschau.de: What is the biggest security risk right now? Virtual hacker attacks?
Michael Resh: No, the biggest problem is always the people. Either those who infiltrate illegally or those who act from within. In IT security, it is generally the case that a system is best cracked from the inside. The worst that can happen is a person who gets so angry with the institution that they say, “I want to harm this institution.” She has access to everything and can harm from within.
To person
Prof. Michael Resch has been Director of the High Performance Computing Center in Stuttgart since 2003. At the same time, he heads the Institute for High Performance Computing at the University of Stuttgart. He studied technical mathematics at the Graz University of Technology. In 2002 he became an assistant professor at the University of Houston, Texas, USA.
tagesschau.de: How could someone intrude from the outside?
Resh: We had such a case when we were about to install a computer. That’s why we didn’t close all the doors and in fact some did come. They stole 20 knots worth about 200,000 euros using a forklift and van.
tagesschau.de: Is this a “worst case scenario”, the worst possible attack?
Resh: no My worst case scenario is that someone takes over and uses the computer. One of the key points in IT security is: The more computer power I have, the easier it is for me to attack a system. And our 26 petaflops high-performance computer can be a very powerful weapon in the wrong hands.
tagesschau.de: In what way?
Resh: Our system itself is not that valuable. We do not support critical infrastructure. If we get hacked, there will be no power outages and no people will die. But the damage can still be immense.
I sometimes refer to our computers as “weapon of mass destruction”. That may be an exaggeration, but in May 2020 we had a case where someone tried to take over several supercomputers in Europe. That is, someone did not hack these systems in the sense that they tried to extract data from them. No damage was seen, nothing was counted illegally.
But someone installed a small program on these computers with which one could have used these computers. That means whoever that was was preparing to have, in some case, multiple systems in Europe that they could use for whatever.
tagesschau.de: So someone hijacked the computers to use as a weapon?
Resh: Exactly. They then investigated where the hacker came from and found that a German computer was hacked via a Polish account and this via a Chinese one. But we know that the German computer gave access to a Polish colleague and that probably to a Chinese colleague and that’s why I say: people are the most dangerous thing.
tagesschau.de: That is, these attacks have an international dimension. In your opinion, has the security situation changed as a result of Russia’s war of aggression?
Resh: No, the threat is not new. The situation with Ukraine has changed our security situation only in the sense that we are putting our cooperation with Russia on hold, but not in the sense that we have to change our work.
We can assume that the secret services that have such capabilities will use them. And that for a long time. And it doesn’t matter whether it’s Russian, American or Chinese.
tagesschau.de: Would you say that Germany is well positioned when it comes to IT security?
Resh: Well, that’s like the Bundeswehr. It’s an ongoing process. The question is always what my opponent’s offensive weapon is and how I can react to it. And things are constantly changing. We hedge against what we know. Against viruses that are smuggled in and much more. What you don’t know is which new variants and methods the other side is developing.