The criminal threat on the net is growing. Surrender is not an option. On the contrary: the more organisations recognise the risks, invest in security and coordinate their responses, the better their chances of achieving enduring protection.
Text: Robert Wildi, first published in the NZZ supplement of 7.11.2019, Image: Adobe Stock,
The downsides of rapid digital advances are well known: criminals are also hard at it, shamelessly exploiting the latest technology and playing the keyboard of disruptive possibilities with as much virtuosity as the cleverest programmers from leading technology companies. The result? An exponential race to see who can bend and break the most. Ever newer interlocks for increasingly efficient IT systems on the one hand; on the other, a continuous quest for the tiniest gaps through which systems can be infiltrated.
It is no use minimising the harm: "The risks are growing all the time," says Marco Wyrsch who, as Security Officer at Swisscom Business Customers, is the man in charge of combating cybercrime at the ICT provider. Internet criminals' current preferred means of attack are malware and targeted ransomware trojans. The methods they use vary: recent years have seen hackers repeatedly use ransomware to paralyse organisations' entire computer systems. Attacks like this can result in production losses that quickly run into the millions. "Organisations often have to contend with blackmail: they're forced to pay big sums in order to regain control over their data."
Alongside visible attacks, hackers are increasingly sneaking into the virtual nerve centres of organisations and even state apparatuses. Unnoticed, they introduce their malicious software into the victims' systems, sometimes managing to access important data for months or even years. The theft of intellectual property mainly occurs in the realm of industrial espionage and can result in the thieves applying for patents for the innovations they have stolen. "While prevention provides effective safeguards against the malevolent encryption of data and accompanying blackmail, technological hardware is needed to detect data theft," says Wyrsch.
"Many companies feel powerless in the face of attacks and blackmail."
Marco Wyrsch, Swisscom
For Wyrsch, the rapid development of digital technologies is not the only aspect driving the growth of online criminality: "You have to bear in mind that cybercrime is one of the most attractive and lucrative forms of illegality because the perpetrators not only remain concealed, but are able to scale up their activities at will.
Businesses need to quickly change how they think in order to counter the danger effectively. "Many companies, feeling powerless in the face of attacks and blackmail, are debating whether to make financial provisions or obtain expensive insurance in case they have to make a claim," an attitude that Wyrsch condemns as short-sighted. Technological progress is such that inadequately protected companies can fall victim time and time again: "The only solution is to radically change strategy from protection to active prevention through targeted investment."
Although organisations talk about taking the requisite steps, all too often too little is still being done, observes Cyrill Peter, Head of Enterprise Security Services at Swisscom Business Customers: more often than not, the lack of (or unbudgeted) funds – a particular problem for SMEs – means that the idea that organisations should develop and maintain their own digital high-security approach is neither realistic nor affordable. According to Peter, a viable alternative is targeted outsourcing to an external partner with the requisite know-how and capacities.
"Our aim is to achieve a steep learning curve in the race between 'good' and 'evil'."
Cyrill Peter, Swisscom
Swisscom's round-the-clock Security Operations Centre in Zurich's Binz district offers business customers a range of cybercrime prevention services. "We're currently experiencing increased demand for detection-related services, i.e. the detection of attacks that have already occurred," observes Marco Wyrsch. Swisscom's experts recommend a healthy mix of prevention, detection and response measures: "This combination has long been the basis in healthcare; digital security needs to do the same thing, and quickly."
Swisscom experts Marco Wyrsch (right) and Cyrill Peter at the ICT provider's Security Operations Centre. (Image: Michele Limina)
Organisations need to redouble their efforts, especially as the hacker scene is not asleep: "Our aim is to achieve a steep learning curve with our customers in this non-stop race between 'good' and 'evil'," says Cyrill Peter. Swisscom's approach in this regard makes use of a kind of swarm intelligence, whereby every single security experience of the current cohort of 1000-plus business customers is gathered together and immediately made available to all the others. "This know-how boosts significantly the learning ability of our systems and security analysts, something that ultimately benefits each individual customer.
The two Swisscom experts believe that if businesses manage to sensitise themselves to the issue of cybercrime and organise themselves as fast-learning "security communities", the battle against the digital underworld can be won in the long term. "The fact that every application has hacker-friendly vulnerabilities remains a problem going forward," says Wyrsch. He thinks the coming years will see companies, especially in the manufacturing sector, continue to suffer losses running into the millions: "At some point, though, the level of suffering is likely to be so high that huge investment will be made in online security."
Accordingly, more and more industries will regard protection against digital threats as a decisive competitive advantage. The World Economic Forum (WEF) recognised this urgency and put cyber risk at the top of its agenda at the beginning of the year. It is a logical consequence that telecoms and technology groups such as Swisscom are increasingly focusing their services and infrastructures on the prevention and detection of cybercrime. Demand is expected to increase exponentially in the near future. "We're ready to go 24/7," says Marco Wyrsch.
The Federal Reporting and Analysis Centre for Information Assurance (MELANI) identifies a large number of cyber threats to which companies are exposed:
Newsletter
Would you like to regularly receive interesting articles and whitepapers on current ICT topics?
Other readers were also interested in: