You deal with cyber attacks on behalf of the defense and interior ministries. What critical infrastructure is it protecting?
It’s a broad spectrum, ranging from the power grid and communication networks to traffic routes and hospitals. From my point of view, the real challenge is that all these individual parts are interdependent and you have to look at the entire system.
What would be the damage from a major cyber attack?
If the entire Internet went down, more things would no longer work than is generally assumed. Even after the flood in the Ahr valley, the digital police radio stopped working. That gave a little taste. In my opinion, such domino effects must be given much more attention.
So do we need analog fallback options up our sleeves?
No, not mandatory. Security is also possible digitally. But we also need to be able to withstand a limited outage for a period of time. From the point of view of cyber security, it is therefore about the segmentation of networks and the question of what has to be connected to the Internet. The introduction of digital electricity meters, for example, raises a number of problems.
How high is the risk of cyber attacks at the moment?
To answer this question, just look at your own e-mail account. There are e-mails coming in every day that it is better not to open. There are plenty of criminals who want our money and data. State secret services are also active, as was shown, for example, with the Stuxnet attack on the Iranian nuclear program. There is also a hacker community that looks for security gaps – and sometimes something happens unintentionally.
In the summer, an attack paralyzed the administration of the Anhalt-Bitterfeld district. The disaster was lifted only recently, half a year later. How do you classify this attack?
These were probably common criminals who launched a ransomware attack and promised to release the data for money. The district didn’t get involved, which I think is right. However, this attack revealed the weaknesses of our communities and made it clear that there is a need for action there. When a municipality has the choice between a new kindergarten and a new firewall, the municipal council usually chooses the kindergarten. That is understandable. The protection of municipal IT systems also suffers from a shortage of IT staff and poorer salaries in the public sector. In the case of Anhalt-Bitterfeld, however, it has also been shown that the experts at the various federal, state and local levels work together in an uncomplicated and effective manner.
Are there overlaps between cyber criminals and state actors?
It is at least frequently reported that the state of North Korea makes money from cybercrime. The attribution of cyber attacks is also one of our research topics. Actually, however, one has to say: You can almost never determine the origin of a cyber attack with certainty. When someone says that precisely this or that Russian authority carried out the attack, it is often more politically motivated than scientifically based.
But at least it is documented that Russia is spreading fake news.
Therefore, the term cyber attack should actually be expanded. If lies and disinformation are deliberately spread and infrastructures are digitally attacked at the same time, I believe this is a cyber attack on society as a whole. We are witnessing a deep attack on our democracy, which worries me greatly.