Five practical tips against hacker attacks

"The year 2021 is not only shaped by the pandemic. All areas, administration, economy and society have carried out the digital jump. This is now a lot of opportunities at the turn of the year. contribute to making our systems more secure. Noopener "> Thomas Strobl .

5 practical tips against hacker attacks about the holidays:

1. Check all of your applications as to whether you are affected by the Log4SHELL vulnerability, for example via the cyber security warning of the Federal Office for Information Technology (PDF) . In this case, immediately install the updates provided by the manufacturers.
2. The CSBW advises that information technology (IT) systems over the holidays and between the years not to leave completely unattended and to have an emergency plan ready in the event of a cyber attack. Expert support for companies, for example, provide the Central contact for cybercrime Class = "Link-External" href = "https://cyberwehr-bw.de/" Target = "_ Blank" rel = "Nofollow noopener"> Cyber-defense Baden-Württemberg and in highlighted cases and for the authorities of the country the cyber security authority itself.
3. It also makes sense for companies to sensitize their employees and point out possible dangers.
4. Have you set up a new smartphone, a new router or made fun of smart furnishings? Check the security and data protection settings of new devices and set up new passwords or access data immediately; Do not leave the passwords set on the factory.
5. protect yourself from phishing emails! Basically, every email and every messenger message should be carefully checked. The following checklist of the Cyber Security Authority Baden-Württemberg helps to recognize possible phishing emails and prevent the spread of harmful messages. Check every email based on the following features:
   1. am I personally addressed? Often no personal salutation is used. You always address your bank and your online payment service with names and never with "Dear customer".
   2. Who is the sender? In most cases, the sender address is fake in phishing emails and supplemented with additives such as "Service" or "Info". Pay particular attention to deviations between the supposed sender and the email address next to the sender! It is possible to change the sender name of an email as desired, but not the actual email address.
   3. am I under pressure? Fraud emails mostly communicate urgent and threaten consequences.
   4. Is the link or appendix trustworthy? Fraudulent emails either contain a faulty link or an incorrect attachment. You can see the destination address of the link by driving the mouse over the link without clicking on it.
   5. The sender asks for personal information? No serious sender calls you to enter your personal data by email or SMS!
   6. In what language is the email written? Phishing emails are sometimes written in a foreign language or were incorrectly translated into German. But there are also very well designed and formulated phishing emails, which is why they shouldn't rely too much on this function.

   attacks occur daily and almost at all times

   The number of successful attacks in the state administration per year is usually constant in the single -digit to low double -digit range. With regard to the use of the terms "cyber attacks" and "attacks" as well as the collection of their number, it should be noted that such attacks can be determined daily and almost at any time in the area of the state administration-for example by massive forwarding harmful emails or through external scans on vulnerabilities and security gaps. Automated, multi-stage protective measures are filtered out in the state administration of over one million spam emails and virus contaminated e-mails alone. Likewise, a variety of scans - sometimes several hundred - are automatically carried out and blocked after weaknesses and security gaps on the firewalls and protective systems. In particular, these can be seen conceptually as attacks / cyber attacks. Overall, the number of attacks and attempts at attack increases.

   The cybersecurity agency sensitizes for all of these topics so that there are no security incidents. For employees of the state administration and the municipalities, the CSBW for 2022 starts a sensitization campaign in which cyber security is to be strengthened with many tips and assistance.

   cyber attacks

   The most important gateway for cyber attacks are so-called phishing-emails . They can cause extremely high economic and operational damage. Cybercriminals try to get confidential information such as passwords, access data or credit card numbers with fake messages in which you link to fake websites. However, these emails are increasingly contained with malware infected file attachments that are supposed to intersect malware such as trojans or ransomware.

   The Federal Office of Safety in Information Technology assumes a significant increase in the number of attacks with ransomware for 2021. In particular, it also warns of the increasing threat from emotet -a malice program that is spread through spam campaigns and tries to get access to authentically looking emails. It is particularly dangerous to emotet that it acts as a "door opener" for further malware. As soon as the malware has been installed on the victim's computer, cybercriminals can download additional malware.

   A survey by the digital association Bitkom shows that more and more people are becoming victims of cybercrime. Eight out of ten people (79 percent) now state that they have experienced attacks on the Internet in the past 12 months. Almost half of the respondents (47 percent) have already had experience with malware.

   The Cyber Security Authority Baden-Württemberg

   The cyber security authority is the central coordination and registration point for Cyber security in Baden-Württemberg. It is constantly collecting data on accomplished or attempted security gaps, malware and attacks on cyber security. To do this, she also receives reports directly from those affected. It documents everything relevant and evaluates the data. Based on the knowledge, the experts from the CSBW create a nationwide and always up -to -date position. For example, the CSBW provides other authorities about this management report. It also expressly warns of special dangers. In addition, the CSBW state, administrations, municipalities, business, science and research in the field of cyber security.

   The CSBW can also take orders and take measures to protect the state authorities and organizations connected to the network of the state administration.

   In the case of cyber attacks or other incidents, the CSBW state authorities, cities and municipalities can help, right up to the restoration of the systems after an attack. In individual cases, other organizations that are important for the common good can also receive help. Citizens from business, science and administration are sensitized by the CSBW to the topic of cyber security. The CSBW does not perform any police tasks such as law enforcement. However, she works closely with the State Criminal Police Office, the State Office for Constitutional Protection as well as other security authorities.

   beyond the national borders, the CSBW is the central point of contact for cyber security organizations in Germany at the federal and state level (such as z Hessen cyber competence center H3C and the Bavarian State Office in Information Technology ), in the European Union) and international.