Although digitization is constantly progressing and being pushed forward in all areas of life, a digital catastrophe has so far failed to materialize. But that’s not because cyber criminals wouldn’t try their best. Will the threat continue to increase in the future?
Cyber attacks on private individuals and companies regularly find their way onto the front pages. However, it could be misleading to conclude directly from this that the danger has risen sharply. “The topic is being discussed more publicly and visibly, which is why it is being noticed more,” reports Marcel Zumbühl, co-president of the independent association Information Security Society Switzerland.
Hacking Over Time
At the beginning of virtual spaces, society first had to find its way around. The same applies to cybercriminals, as Zumbühl explains: “The first attacks and viruses were test runs to find out what was even possible.” Aside from the potential interest in espionage, the criminal intent behind these attempts was minor. Zumbühl refers to the example of the Mirai botnet. It was originally developed by teenagers to keep opponents away from online games by deliberately overloading networks. This later gave rise to (distributed) denial-of-service attacks (DDoS), which are now also available as a service. “Commercial fraud became the main motivation for cyber attacks,” summarizes Zumbühl.
Companies React
The digital nature of the attacks meant that they were initially invisible to the general public. However, companies are increasingly adapting their behavior to the threat. Zumbühl sees one reason for the increased awareness of the danger in the companies themselves: “Cyber attacks have become a daily risk, which is why cyber crime is being increasingly perceived.” Because it is now best practice for companies to actively talk about it and make the topic visible. After all, they are the victims of criminals, not the perpetrators.
Gateway Human
Individuals are the first line of defense. According to Zumbühl, private individuals can already ensure more security with a few rules of thumb: “End devices should be equipped with antivirus software, all programs and operating systems must be updated immediately and unique passwords protect critical information.” In addition, regular backups of the most important data should be created.
You can usually avoid phishing traps by not being put under time pressure and not giving out any personal information, especially not via a link in an email or SMS. «Contacts that threaten time pressure and contain a link should not be yielded to. To make sure that everything is in order, I advise logging in via the official channels such as the website or app, »recommends Zumbühl. If in doubt, you can also get help from specialized agencies or the police.
Corporate Security
The same applies to employees of a company. These should regularly sensitize the workforce to the dangers. According to Zumbühl, they have to go further: “You have to know where which data is and know the critical processes in order to assess the risks and take appropriate measures.” Depending on the size, you can set up your own security department or bring in IT partners. “It’s definitely not worth negotiating with the criminals or even paying extortion money,” warns Zumbühl. There is no guarantee that you will get the data back and will no longer be attacked, regardless of whether it is a corporation or an SME.
