Direct Links
english
deutsch

FileBox Login
Offene Stellen / Jobs
 

Cyber terrorism: German infrastructure highly vulnerable

September 28, 2009;

Marco Di Filippo, Regional Director Germany of Compass, shows how easy it is to compromise power, internet and telecommunication networks in Germany.

"It is only a question of time before criminals take advantage of the vulnerabilities of the German infrastructure", says Marco Di Filippo. "With the corresponding know-how, which terrorists could just simply pull from the Internet, it is possible without too great financial means, to manipulate respectively to paralyse our networks. Everything would break down."

How endangered is Germany?
The facts (based on studies of the KoSiB eG, the Bavarian Competence Centre for Security, Munich):
- 79% of the German telecommunication fixed line network are firmly in the hands of one single provider
- 81% of the virus attacks have a correlation with the monoculture of our desktops
- 99% of the users underestimate Trojans and Spyware
- Nearly 100% dependence on the USA and on monopolists such as Intel, IBM, Cisco, HP, Microsoft
- Even the government fosters the development of monocultures
Already a diversity of operating systems would considerably reduce the danger of a domino effect.

Cyber War - the total control
The motives for attacks on monocultures are often the desire to prove knowledge, to test out the limits and to attract attention, but also a new form of terrorism. How systematic hacking activists proceed, is proven by the recent Denial-of-Service attack on the Website of the Australian Prime Minister, Mr Kevin Rudd. This was just to demonstrate their protest against the Internet barriers introduced.

A possible attacking scenario in Germany would be the following: Germany without Internet. Frankfurt is de facto one of the main points of intersection for the DFN (German research network), .de domains and provider networks. If Frankfurt becomes the target, the following procedure could lead to a complete breakdown of the network. Firstly the points of intersection are retrieved on-site and staff is infiltrated in the organisation of a large network provider. The "new employees" elicit the respective lines and destroy them. The demand for band width can no longer be met and servers are thus no longer accessible in full. The consequences: no cash, no re-fuelling possibilities, no tickets for public transport, traffic chaos, no payments, economical damage, etc.

How can Germany protect itself?
Marco di Filippo recommends: "In a first step it is important to increase prevention. First of all we are to detect the nation wide vulnerabilities and to find the possible attacking points. Then threat scenarios must be determined and analysed. Responsible persons should search for advice on what new security solutions they could make use of. This also includes encouraging German developments, to link with each other and to cooperate remotely. This will be the only way to counter the monocultures and thus to reduce the attack surface provided by the Federal Republic of Germany."

 

News

Compass invites to the Security Event 2010
6/7/10 - On Thursday, September 09, 2010 Compass Security AG organise their annual "Compass Event". For this seminar the ICT security service provider invites customers and other interested persons to the auditorium of the HSR University of Applied Sciences in Rapperswil / Switzerland. From 08:30 to 17:00 the participants benefit from the latest findings and experiences about ITC security in the frame of presentations, Live-Hacking demonstrations and speeches. A red-hot topic is brought up by Nicolas Seriot in his guest speech "iPhone-Hacking".

New at Compass: "FileBox" as an Appliance
5/25/10 - Compass Security AG have further developed their Web based transfer solution "File Box" and launched an appliance. Companies keep thus complete control of their data as the appliance is located on their own premises. The multitenant solution addresses mainly target groups who are dependent on a safe data transfer with customers or business partners, such as banks, insurance companies, chartered accountants, trustees, lawyers or medical doctors.

Hacking-Lab Remote: Rent a Professional IT Security Lab
4/13/10 - For imparting knowledge on IT security topics such as the OWASP TOP 10, OSSTMM and other attacking respectively defence measures in a practical way, high schools and companies no longer need to invest in their own security lab. Using the Hacking-Lab of Compass Security AG users have access via Internet to an interactive lab environment. The ICT security service provider makes students and employees more familiar with current cyber threats, attacking strategies and defence measures.

Evening event of ISSS on "Cyber Crime in Switzerland"
2/23/10 - Ivan Bütler, Compass managing director, is organizing the "1st ISSS St Gall conference" together with Dr. Lukas Ruf. On Thursday, April 29, 2010, interested people are meeting in order to gain an up-to-date overview in the field of computer crime an to become familiar with the developments.

Compass hacks live at CeBIT
2/22/10 - Marco Di Filippo, Regional Director Germany of Compass Security AG takes on the role of the hacker at CeBIT and puts modern technologies to the test. On the CeBIT platforms of the media partner Network Computing and of the anti virus specialist Avira he is going to x-ray data centers and mobile devices such as iPhone, Blackberry, etc. regarding their safety compliance.