Experts: This is the biggest cybersecurity threat of 2022

Wolfgang Rosenkranz from the CERT.at, Austria’s “internet fire brigade”, which regularly warns companies of current threats.

“Managing directors and board members often only have a faint awareness of the threats, and often the approach is not taken pursued, which would be necessary here in order not to be attacked,” warns Lauer. “Many people in charge are still not aware of what it means when their company stands still for weeks,” says Lauer from Sophos.

Prominent affected cases from 2021

But this is exactly what the fuel pipeline operator Colonial Pipeline happened in the week and a half the Main lines stopped and there were bottlenecks in the fuel supply in some US states. Also at Salzburger Großmolkerei Salzburgmilch and the retail chain Media Markt there were production stops and limited service.

At Salzburgmilch all passwords had been changed by the cybercriminals, so that it to a total failure of the IT systems came. As a result, orders were no longer possible. At the Media Markt the blackmailers initially ransom $240 million

Managed Services for Enterprise

” It is important for companies not only to react to such attacks, but to actively protect themselves from them,” explains Lauer. It is therefore important that infrastructure is monitored prophylactically around the clock to identify intruders. “Cyber ​​criminals often spend weeks or months in the affected IT systems to scout out everything. If they strike on day X, usually on a Friday or Saturday, the perpetrators know exactly what they are doing and this is what causes the major damage,” says Lauer.

Sophos has been offering such protection for two years as “Managed Services” service that focuses precisely on protecting IT systems. “This trend will increase massively in 2022,” believes Lauer. So far we have around 6000 customers in two years won, according to Sophos. It is often difficult for companies to find suitable employees, and with IT security in particular it is important that experts regularly monitor the systems and react immediately if something suspicious is seen in the company network.

Confirmed that there is an acute shortage of IT specialists in the field of security also rosary from CERT.at. “The more complex IT becomes, the more difficult it becomes for those IT professionals who can detect and defend against attacks. We have already seen in 2021 that there are no longer enough experts to to be able to react quickly to attacks and 2022 is not yet an improvement of this situation in sight”, says Rosenkranz.

Early detection of the intruders prevents the worst

“But you have to watch what’s happening in real time in order to quickly quarantine certain services and files to be able to pronounce when you have spotted an intruder”, says Sebastian Kaiser, IT expert at Sophos. Ransomware attacks have proven to be extremely lucrative as many companies are unprepared and therefore pay the ransom.

“Cyber ​​criminals also jump on any vulnerability in the system in order to extort money. However, an intruder can usually be detected at an early stage, drastically reduced and even stopped with simple means,” says Kaiser. “We have the tools for this, but we also have to use them,” says the IT expert. Companies, on the other hand, would often postpone the budget they should plan for IT security until “next year”.

Anyone who does this and is hit by a ransomware attack usually pays dearly: Because in addition to ransom demands, you often have to IT emergency teams move out to straighten out the problems. Sophos also offers this as a service. “Here, we often find that there have been abnormalities in the company network 30 days beforehand, but these have been ignored,” says Kaiser.

Instead of immediately asking for a ransom – From the point of view of the Sophos experts, it is important to seek the way to security specialists in order to analyze the attack and to look for solutions on how to get out of it. That is the “safer way”. “Only after an inventory analysis should you decide how to proceed, advises Kaiser. “Smaller companies in particular are quick to make payments. But that doesn’t protect against repetition and soon the next blackmailers will be able to exploit the loopholes,” warns Lauer.

Because in special Internet forums where cyber criminals exchange ideas, all vulnerabilities offered for sale to infiltrate corporate networks. “If you can gain access, it will be exploited,” says Kaiser. Company bosses are therefore well advised to take the issue of IT security more seriously in 2022 than before.