Security Against Cyberattacks with Active Patching
Hackers often sneak unnoticed into companies’ IT infrastructure. One popular method is to gain access through phishing emails or by exploiting security vulnerabilities and then reach not only the company’s IT systems, but also connected systems. Frequently, the hackers then strike with ransomware, deleting and/or encrypting backups and data. The company being attacked often fails to notice until it is too late. The damage is great, since not only do the IT systems have to be reinstalled, but such a cyberattack also has a negative impact on production. Companies often need several years to recover from an attack. Many companies cannot make it and go bankrupt. On the other hand, a global industry like ours cannot forgo worldwide networking.
In its May 2022 study “Cyber Security in Austria”, KPMG Security Services determined that the top methods of attack used by hackers are phishing, accounting for over 50% of attacks, and malware, accounting for 39%. There are also deepfakes, i.e., phishing combined with high-tech manipulation, for example using AI (artificial intelligence), and, above all, ransomware attacks. Many hackers have the same goal – to extort millions.
Countermeasures and Security Strategies
Companies’ first countermeasure should be to get an overview of their entire system before a cyberattack even occurs. In particular, they should consider the functionalities and interfaces of components and identify possible vulnerabilities. The measures also include a comprehensive data backup.
On the software side, there are several security strategies. Hardening is the process of restricting access to the system from the outside. In virtual patching, the virtual patch works around the vulnerability but does not eliminate it entirely. In active patching, in contrast, security updates are regularly applied to the system, actually eliminating the existing security vulnerabilities. However, this is not a one-time action – it needs to be carried out regularly, because what counts as a secure interface today may already be something a resourceful hacker can crack tomorrow. That is why it’s important to always stay one step ahead. And keep in mind that the longer it takes to detect a hack, the more expensive it becomes.
Comprehensive Cyber Security Service, Even for Existing Systems
The core of SSI SCHAEFER’s “Cyber Security Service” is active patching. Although we primarily offer this process for new systems, it is also being used more and more in older systems, for example in the course of a retrofit. SSI SCHAEFER has an experienced team of experts who implement the measures and can be reached around the clock for remote service in case of emergencies.
At first glance, comprehensive cyber security measures can seem quite expensive. However, the example of the cyberattack on Maersk in 2017 shows what can happen without protection: the NotPetya malware caused around $300 million in damage, and Maersk had to reinstall 45,000 client computers and 4,000 servers worldwide. This quickly puts the effort and cost of security into perspective.
About the author:
Wolfgang Haar is the Global Head of System Support at SSI SCHAEFER. He started his career in B2B support for an internet service provider. He joined SSI SCHAEFER in 2009 at Salomon Automation, today SSI SCHAEFER IT Solutions, in the Customer Services department. After holding positions as Team Leader for Services & Tools and IT Systems Operations Support, he took over the management of the Systems Support department as Global Head with 25 employees in 2020. His responsibilities now include cyber security.