IT security: Big money lures cybercriminals – your SZ

Online exams at Münster University of Applied Sciences are largely canceled this summer. The professors at the more than 50-year-old university of applied sciences have by no means gone back to pencil and paper. The institute fell victim to a cyber attack. Nothing worked – for days. All computer systems were paralyzed. Experts from the Federal Office for Information Security (BSI) and an IT security service provider worked together to solve the problem.

The teaching institute in Westphalia is not an isolated case. Cyber attacks, also on private individuals, are now part of everyday life in Germany. “Smart televisions, vacuum cleaner robots, smartwatches, language assistants, smartphones and tablets – we are using more and more networked devices,” explains Arne Schönbohm, President of the BSI. “And every connected device is potentially vulnerable.” The BSI is the federal authority that handles IT security issues on behalf of the Federal Ministry of the Interior.

When EC card terminals go down for weeks, as they have since May, or Facebook services such as WhatsApp fail, as they did last autumn, many people only then realize how dependent they have become on Internet services. Both cases were due to software bugs, not criminal attacks. Worse still are the many cyber attacks in which hackers exploit weak points in computers: not only is teaching paralyzed then, in some places business operations have already come to a standstill after attacks from the Internet. The damage then quickly adds up to millions.

Cyber criminals have it much easier today

Norton, a provider of security software, estimates the costs of cybercrime in Germany at 5.9 billion euros for 2020. However, such figures can only ever be rough estimates: the industry itself likes to exaggerate in order to stir up fear, while on the other hand the number of unreported incidents is enormously high.

Attacks on computers are as old as computers themselves. The first papers on self-replicating software even date back to 1949 and basically describe a modern computer virus. However, the times when malicious programs had to be laboriously spread by distributing them on floppy disks are long gone. Computer criminals have it much easier today – because of the Internet. A careless click on an email attachment is enough to inject malicious programs into the company’s own network.

2022 will go down in history as the year in which it was no longer just criminals who attacked computers. Cyber warfare has raged online since Russia invaded Ukraine in February, albeit to a lesser extent than many experts expected. The two countries were already home to many cyber gangs before the war. Some attacks became known: Russian television was disrupted, and instead of the scheduled program, pictures of the Ukraine war were shown. In Belarus, hackers paralyzed the electronic booking system for tickets.

“Now it’s time to raise your shields and be alert – but we haven’t really registered any more attacks yet,” explains Myriam Dunn Cavelty, cyber security expert at the Center for Security Studies (CSS) at ETH Zurich. In its assessment of the security situation on the Internet after the Russian attack, the BSI calls for increased caution. “Since the start of Russia’s attack on Ukraine, there have been individual additional IT security incidents in Germany, but these only had isolated effects,” says the report.

Something else has changed with cyber attacks. In the past, it was often about proving yourself as a hacker and leaving a funny message on the attacked computer; now greed reigns supreme. Using ransomware attacks, hackers try to extort as much money as possible from the victims.

You can rent blackmail software online

With this method, access to data or IT systems is restricted for their owners, for example by encrypting information. To increase the pressure, hackers then publish some of the sensitive data on the Internet, such as a company’s customer information. Full access to the data is only granted after a “ransom” has been paid, preferably in a cryptocurrency such as Bitcoin.

Even after payment, however, there is no guarantee that the data will be released. The BSI experts therefore strongly recommend filing criminal charges. The first ransomware attacks came in the 1990s. The topic has recently picked up speed with increasing digitization in companies, dependence on the Internet and the spread of cryptocurrencies.

The US company Coveware specializes in ransomware attacks. According to its observations, ransomware victims paid an average of $12,700 in early 2019, and $111,600 the following year. At the end of last year, the average was $139,700.

What is particularly frightening is that the attackers don’t even need any know-how. Criminal energy alone is enough. There have long been offers of ransomware-as-a-service on the dark web: blackmail software that can be rented, usually in return for a share of the profits. The hacker group Lockbit 2.0, for example, has become known for programming malware, providing infrastructure for communication and handling the payment of ransoms. Partners only have to prepare the attack itself.

In the race between criminals and victims there is a ray of hope: the cloud. “The cloud makes technology much simpler and safer,” says Urs Hölzle, chief engineer at Google. While in a classic IT environment legions of technicians are busy keeping programs up to date and adapting them to company needs, he explains, security problems in the cloud can be solved for thousands of customers at the same time. However, one thing seems to be certain: the hackers will not give up the race anytime soon. The prospect of plenty of cyber loot will fuel their inventiveness.
