Cybersecurity basics: Everything you should know

The more connected the digital world grows, the more important the issue of security becomes. As cyberattacks steadily increase, data security has to keep pace or, even better, be at least one step ahead. New solutions enhance security. But what do they look like and what threats actually come from the Internet?

Cybersecurity and cyberattacks

After the Internet was invented in 1989, little attention was initially paid to security for private users – no one assumed there would be such a thing as online crime. That changed in the following years and terms like cybersecurity and cybercrime were coined.

What is cybersecurity?

Cybersecurity deals with all aspects of security in information and communications technology and embraces a wide range of different measures, concepts and guidelines. These aim to protect computers, servers, mobile devices and networks connected to the Internet against unauthorized access, data theft, attacks and manipulation from the whole of cyberspace.

What is a cyberattack?

A cyberattack is a hostile attack on another party’s computer network, in which an attacker spies on the network, cripples it or even manipulates it to their own advantage. Cybercriminals target individual citizens, companies, political institutions, public authorities and even an entire country’s infrastructure.

More connected devices – more attacks

The reality is that cybersecurity is growing in importance: The IT network of Volkswagen, the world’s largest car manufacturer, is attacked 6,000 times a day, according to the German Federal Office for Information Security (BSI). High-tech companies like Infineon are also the target of many cyberattacks. Its Business Continuity department organizes its defenses.

According to the BSI, there are 20 highly specialized and serious attacks on the government’s network itself every day. And the experts from Kaspersky Lab detect around 360,000 new malicious files a day worldwide. Companies with a lot of customer master data, such as online shops or e-mail providers, are affected in particular. The objective: To steal personal data, such as account details and passwords.

Connected devices deliver a great deal of convenience, for example, by allowing you to turn up the heating by smartphone while you’re out, so that you come home to a warm living room. Yet they also offer attack surfaces and a doorway to cyberattacks. By the year 2020, five billion people worldwide will use smart devices to engage with the world around them.

What types of attacker and targets are there?

There are various types of cybercriminals:

  • Internal versus external perpetrators
  • Lone wolves versus organized crime
  • Criminals with a financial versus a terrorist motive
  • Hidden attackers versus attackers aiming to attract public attention
  • Attackers of private organizations versus attackers of government institutions

The targets

Devices connected over the Internet offer useful functions, such as being able to reach one another remotely. Yet that also makes them potential targets for attackers:

  • Cybercriminals can attack an individual user’s privacy, steal passwords or shop at the expense of the victim.
  • The many connected devices used by individuals, such as routers, tablets or PCs, can be hijacked by attackers and joined together in botnets. These can then conduct denial-of-service (DoS) attacks and so cause telecommunications outages, for example.
  • Attackers try to steal business secrets through espionage or sabotage machinery at companies. The damage this causes in Germany is put at around 50 billion euros a year by the country’s Federal Office for the Protection of the Constitution.
  • In the case of hacking a state’s infrastructure, power grids (such as in Ukraine in 2015) and even the entire Internet of another country (as was the case in Estonia in 2007) are crippled.

The changing face of cyber threats

The world of cyber threats is changing rapidly. Even while an attack is ongoing, the malware grows more specialized, takes on a life of its own and becomes smarter.

Ransomware: Definition

If attackers use ransomware, they can manipulate the victim’s computer so that it can no longer be used – the PC is hijacked virtually, as it were. The attacker only frees the computer once the victim – a person or a company – has paid a ransom.

“Stealing data by phishing was a top issue two years ago. Now it’s ransomware that’s a major focus of security experts, as well as law enforcement authorities,” says Dr. Detlef Houdeau, an expert for the cybersecurity market at Infineon.

As the number of devices that communicate with each other grows, so too does the complexity of potential attack scenarios. Houdeau illustrates that with a specific example: “The images from a computed tomography scanner at a hospital are sent automatically to the person’s family doctor.

The device is part of the hospital’s IT system, but comes from a manufacturer of medical products. So it’s not enough to protect the actual hospital IT. The individual device must also be protected against cyberattacks in the future.” That means a single security gap is enough for someone to penetrate the system and manipulate the IT infrastructure.

Quantum computers: A new threat

Technologies are advancing. Artificial intelligence can help defenders, yet also make cyberattacks more efficient; high-performance systems for quantum computing are also a new threat for the digital world.

Confidential data is encrypted to protect it in cyberspace. Many of the encryption algorithms used today can be cracked by a quantum computer. Experts expect the first quantum computers to be in use in 10 to 15 years’ time. New algorithms termed “post-quantum-resistant” will be standardized as a possible countermeasure in the coming months and years.

What are the most frequent and biggest cyber risks?

Attacks can exploit various weak points: in the home networks of private users, as well as the networks of companies and public authorities – and even that of the German parliament. The risks this entails are wide and diverse.

  • Users themselves can be the weak point: They might introduce malware by using an infected USB stick, use a password that’s easy to guess, such as their own birthday, or not (adequately) encrypt sensitive data.
  • Devices, such as broadband routers, may also have security vulnerabilities. In the fall of 2016, a million Germans were without digital TV, the phone and Internet for two days because a hacker had smuggled malicious code into a widely used Telekom router.
  • Attacks on a country’s critical infrastructure are even more dangerous. Terrorists can injure or kill and severely hit the economy with a digital attack on hospitals, airports, the rail sector, banks and power utilities. The problem with these sorts of attack is that the defenders don’t know when, where and how the attack will come.

Overview of major cyberattacks from the past:

 
  • 2007: A DoS attack cripples the entire Internet in Estonia.
  • 2010: The computer worm Stuxnet shuts down the uranium enrichment plant in Iran.
  • 2011: The data of 77 million subscribers was stolen from Sony in Japan.
  • 2012: The data of 24 million customer accounts was stolen from Amazon’s subsidiary Zappos.
  • 2013: Around 38 million customer data records were stolen from Adobe in the U.S.
  • 2014: The data of around 1 billion customer accounts was hacked at Yahoo in the U.S. That exposed the phone number, date of birth, encrypted passwords and unencrypted security questions used to recover passwords. The data of a total of 145 million customers was stolen at eBay in the same year.
  • 2015: The cyberattacks on the German parliament, the Bundestag, meant the computers had to be replaced.
  • 2016: As a result of the Mirai attacks, for example, on routers of Deutsche Telekom, around 1 million households were without TV, Internet and phone services for 24 hours. Fake information and news was sent to Democrats by social bots during the U.S. election campaign.
  • 2017: The malware WannaCry exploited a security vulnerability in Windows worldwide. The ransomware NotPetya encrypted the file table on hard drives on hundreds of thousands of computers.
  • 2018: The health data of 1.5 million citizens in Singapore was stolen.
  • 2019: Fraudulent transfers in the triple-digit range were initiated by phishing attacks on the Ärzte- und Apothekerbank in Germany.

Greater cybersecurity with new security concepts

Conventional methods, such as firewalls and anti-virus scanners, are no longer enough to ward off the different ways of being attacked. The attacks are simply too sophisticated. To use the Internet securely, we need new security concepts. They are based on a technological approach known as “security by design” and are built into the product or system when it is developed. Security standards are now being created in more and more IoT sectors and finding their way into new products.

Cybersecurity through encryption and authentication

The objective is to protect information so that only authorized persons, computers, machines or general network nodes can access it. That requires two steps: secure identification and authorization of the entities. The example of connected cars illustrates what that might look like. The cars of the future will have far more electronic equipment on board – and hence more external interfaces that are vulnerable.

The software in the car needs regular updates to protect these interfaces. For that to work, it is necessary to ensure that the computer supplying the updates and the gateway in front of the car’s control system authenticate themselves to each other. That means only these two devices are allowed to exchange data. Moreover, communication between the interfaces must be encrypted. To avoid the need to go to a workshop for updates, they will increasingly be sent over-the-air (OTA), just like for a smartphone.

That requires appropriate hardware, which is why Infineon is equipping control units with chips that are responsible for authentication and encryption. Such secure identification processes are crucial in machine-to-machine communication.
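The mutual authentication described above, sketched as an added example (not Infineon's design or code from the original page). It assumes a pre-shared symmetric key on both sides and an HMAC-SHA-256 challenge-response; the names Endpoint, handshake, tag_update and verify_update are hypothetical, and encryption of the update payload itself is left out.

```python
import hashlib
import hmac
import secrets

def _mac(key: bytes, *parts: bytes) -> bytes:
    # Length-prefix every field so two different field splits never collide.
    msg = b"".join(len(p).to_bytes(4, "big") + p for p in parts)
    return hmac.new(key, msg, hashlib.sha256).digest()

class Endpoint:
    """One side of the link; role is b"server" or b"gateway" (assumed names)."""

    def __init__(self, role: bytes, key: bytes):
        self.role, self.key = role, key
        self.nonce = secrets.token_bytes(16)  # fresh challenge for this session
        self.session_key = None

    def proof(self, peer_nonce: bytes) -> bytes:
        return _mac(self.key, self.role, self.nonce, peer_nonce)

    def accept(self, peer_role: bytes, peer_nonce: bytes, peer_proof: bytes) -> bool:
        if peer_role == self.role:  # our own proof reflected back at us
            return False
        expected = _mac(self.key, peer_role, peer_nonce, self.nonce)
        if not hmac.compare_digest(expected, peer_proof):
            return False
        # Order the nonces server-first so both sides derive the same key.
        pair = (self.nonce, peer_nonce) if self.role == b"server" else (peer_nonce, self.nonce)
        self.session_key = _mac(self.key, b"session", *pair)
        return True

def handshake(server: Endpoint, gateway: Endpoint) -> bool:
    """Succeeds only if each side has verified the other."""
    ok_gateway = gateway.accept(server.role, server.nonce, server.proof(gateway.nonce))
    ok_server = server.accept(gateway.role, gateway.nonce, gateway.proof(server.nonce))
    return ok_gateway and ok_server

def tag_update(sender: Endpoint, firmware: bytes) -> bytes:
    return _mac(sender.session_key, b"update", firmware)

def verify_update(receiver: Endpoint, firmware: bytes, tag: bytes) -> bool:
    if receiver.session_key is None:  # nothing is accepted before authentication
        return False
    return hmac.compare_digest(_mac(receiver.session_key, b"update", firmware), tag)

if __name__ == "__main__":
    key = bytes(range(32))  # constructed demo key, never a real secret
    image = b"constructed firmware image v2"
    srv, gw = Endpoint(b"server", key), Endpoint(b"gateway", key)
    print("mutual auth:", handshake(srv, gw))
    print("update accepted:", verify_update(gw, image, tag_update(srv, image)))
```

In a vehicle the long-term key would sit in the kind of security chip the text mentions rather than in application memory.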

Connectivity: The future and past

Market analysts expect, for example, that around 100 million vehicles will be connected with the Internet by 2025, making the car a sort of “computer on four wheels.” On top of that, they will be connected to the infrastructure (V2I) and with each other (V2V), while autonomous vehicles will use new standards like 5G and ITS-G5.

Older products and systems, such as production machinery, railway signaling systems, medical products, cars and aircraft, pose a real challenge. The manufacturers have discontinued maintenance of the products and upgrading them would involve excessive cost and effort. One frequently tried approach is to disconnect these old devices from the network as far as possible.

IT security check list

You should always observe these tips if you want to use the Internet securely:  

  1. Always keep software up-to-date.
  2. Use an anti-virus scanner and a firewall.
  3. Use secure passwords and store them in a protected password manager. Use at least 10, or even better 12, characters containing numbers, upper-case and lower-case letters and special characters, and use a different password for each service. Best of all, make up nonsense passwords: One expedient way is to take the initial letters in a sentence and add numbers and special characters. “I go to New York every May 31 and visit the Statue of Liberty!” then gives the password IgtNYeM31&vtSoL!
  4. Work on your computer as a normal user and not as an administrator, since the latter has wider access to the system. If your computer has been infected by malware and you are logged on as the administrator, the malicious software likewise has extended rights and can cause greater damage.
  5. Do not click on links in e-mails, and be careful when opening attachments, especially if you don’t know the sender. Check all attachments with an anti-virus scanner before opening them.
  6. Save all your important data regularly on another hard drive or in the cloud.
  7. Encrypt sensitive data and e-mails.
  8. Be careful about what information you divulge on the Internet.
  9. Do not surf in an unprotected WLAN.
  10. Be attentive and critical when you surf, write e-mails or work on the computer: Don’t believe everything someone promises. Do not click on links naively and, if in doubt, ask whether the e-mail is actually from the sender.
  11. Do not use the same passwords for different systems.
  12. When you purchase a new smart home device, change the standard password it comes with right away.
  13. Do not download any apps and/or computer programs from websites that are not trustworthy.

Measures by public authorities to ensure greater cybersecurity

Power, healthcare, finance and transportation are sectors in a country that constitute critical infrastructures. Citizens in Europe have a right to the basic services they provide. If those infrastructures were attacked, that would entail massive outages and chaos, also causing harm to people. That is why the public authorities have taken the following measures to increase cybersecurity:

  • Germany’s IT Security Act, which came into effect in 2015, obligates operators of around 2,500 facilities in Germany to ensure their IT systems are especially protected. For example, they have to meet more stringent security requirements and furnish proof of that in audits. They are also obliged to warn customers if they discover any data abuse. Moreover, they have to report incidents to the authorities. The counterpart EU law is called the NIS Directive and applies simultaneously in all EU Member States.
  • At the same time, public authorities also support private users in defending against cyberattacks and, as part of that, rely on the initiative of online service providers and hardware manufacturers. Under the Cybersecurity Act adopted by the EU, consistent regulations on certification of consumer devices are to be developed. The aim of that is to help raise the security level for consumer electronics (CE) in the business-to-consumer (B2C) market in the EU. Moreover, products, solutions and services in the business-to-business (B2B) market are also to embody certified IT security to a greater extent. In the public sector (business-to-government or B2G), the goal is to maximize and harmonize the standard of IT security across all EU Member States moving ahead.
  • The EU Commission plans to establish a new agency called the EU Cybersecurity Competence Center (ECCC) at the end of 2019. Know-how on new threats and suitable means of countering them will be pooled there in the future. An EU-wide network of more than 600 test and inspection labs is to be created.

A bot is a device that runs over the Internet, has been infected with malware and can be controlled remotely. Computers and other devices are combined to create a huge network without the owner suspecting a thing. Botnets are often used for DDoS attacks.

In a distributed denial-of-service (DDoS) attack, a service is flooded with requests and hence works only with great restrictions, if at all. Such attacks are often conducted simultaneously using botnets.

A forcible attack on a cryptographic algorithm. All possible combinations are tried out automatically and systematically in order to crack the algorithm.

The abuse of someone else’s personal data. It is also termed identity misuse.

In this type of attack, criminals try to obtain a victim’s personal data using fake websites or links and attachments in e-mails.

A large group of employees receive what appears to be a business e-mail. It urges recipients to go to fake websites or contains links and attachments that infect the computer with malware.

Unknown persons claim in an e-mail to be high-ranking employees in order to induce others to transfer money or to obtain the access data for specific accounts.

This term denotes malware that infects and blocks a computer. The attacker then demands money to free the system again.

These files conceal themselves in apparently harmless programs and so enter the computer without being noticed. They then cause damage there directly or by downloading other malware from the Internet.

Malware that is smuggled onto a computer, for example, in the form of an e-mail attachment.

This type of malware copies itself and spreads as quickly as possible, for example, via the address book in an e-mail program.

An attacker exploits security weaknesses before they are discovered and can be eliminated.

The compilation and publication of personal data on the Internet.

A computer program with unwanted or harmful features.

This involves exploiting security vulnerabilities in SQL databases.

Untrustworthy information is inserted in a context that has been classified as trustworthy.

The future of cybersecurity

It is, however, also in the interest of the electrical and electronics industry itself to boost cybersecurity going forward. As the German Electrical and Electronic Manufacturers’ Association (ZVEI) states: “The advantages of digitalization cannot be leveraged if personal and technical data is not protected. We feel sure that cybersecurity will grow in importance when it comes to protecting consumers, ensuring the quality of products and enhancing customer loyalty.”

It should come as no surprise that router manufacturers are making the first move. After all, routers are the core piece of equipment in every home network. They are the interface between the home network and the Internet – and that makes them a popular target for attacks.
