Cyber attacks: How companies can protect themselves in the current situation

cyber hacker

Cyber attacks: How companies can protect themselves in the current situation

In the company and home office: cyber attacks are a constant threat in business life. Three experts show where the biggest dangers are lurking on the Internet for SMEs – and how to protect yourself.

Latest cyber attacks under the cover of the coronavirus

The National Center for Cyber Security NCSC provides important information and statistics on the current cyber attacks in Switzerland. The data is updated weekly. In addition, the web page provides an overview of the most common hacker methods – and provides recommendations for prevention.

Patrick Brielmayer, former hacker: Analysis of the cyber attacks

"I want to protect companies from the kind of person I used to be," explained ex-hacker Patrick Brielmayer. The IT graduate used to program viruses and Trojans or execute DDOS attacks, i.e. the deliberate crippling of web pages. He was never caught – "but I always had to watch out and was nervous." That's why Patrick Brielmayer has changed sides and set up an IT security company. Today, corporate customers willingly open their networks to him so that he can comb them for traces of cyber attacks. His specialty is analyzing malware, "I find out how the attack took place and what damage was inflicted." Brielmayer's mission: He wants to bring companies up to speed about the risks of cyber criminality and contribute to better protection.

Daniel Nussbaumer, Police Specialist: Assistance for victims

This concern also drives Daniel Nussbaumer. The lawyer with a PhD is the head of the cyber crime department in the Zurich Canton Police. His team now encompasses 15 detectives and 30 specialists in digital forensics, including many IT graduates. Increasing digitization has made police work more complex, since the Internet has created completely new ways to commit crimes. 

According to Daniel Nussbaumer, many SMEs are affected by, for example, “CEO fraud”: Cyber criminals recreate a typical e-mail from the boss. In it, he asks for an urgent payment of CHF 5,000 to be made. But when the bookkeeping department makes the payment, it ends up with the hackers. "Usually there are complete teams behind it all," he explained. "One programs, one's good at writing and the third one does the research." The police specialist advises to always double check by calling back in the event of unusual e-mails.

Ransom for company data

In addition, the Zurich detectives are often confronted by so-called crypto-ransomware: Malware encrypts all of the information in the computer system of the company affected. This is followed shortly thereafter by a ransom demand, usually in bitcoin. "Naturally, our advice is not to pay," said Daniel Nussbaumer. "Every payment finances new attacks." Furthermore, you never know whether the blackmailers will actually release the data. And if the hacker used previously unknown crypto-ransomware, even professionals cannot help. This is why Daniel Nussbaumer urges all companies to prepare for such attacks.

Stephan von Watzdorf, Product Manager: Protect against residual risk

Stephan von Watzdorf heads the team Professional Liability and Cyber Risks, which developed the Zurich cyber insurance. Crypto ransomware attacks are a grave problem for him. He even speaks of a security myth: "Many companies believe they're already protected with regular back-ups." However, if the back-up is not taken off the network it will likewise become the victim of an attack. Moreover, malware is often only activated weeks after the hacking attack. By then, the back-up is usually also already contaminated. "Moreover, it's a lot more expensive and time consuming to restore the data than people think."

People are the weakest link

According to the ex-hacker Brielmayer, the companies often only learn of a cyber attack when the attacker demands something – or the data of the company turns up somewhere. Feeling safe thanks to a firewall and anti-virus program is an illusion. You can obtain basic protection against known viruses with customary commercial instruments, but newly written malware will not be recognized: "It's a cat and mouse game." Therefore, it also makes sense for SMEs to sensitize their employees at least once a year in an IT security course. After all: "People are the weakest link, most of the hacks occur due to the inattentiveness of employees," the Zurich expert Stephan von Watzdorf is convinced.

New offer for SMEs: Cyber Security Training

This is where Zurich Switzerland weighs in: the leading Swiss insurer offers companies more than just customized insurance solution – it is also active in the area of prevention. In addition to consultation, our offering now includes employee training.

The new program is called "Cybersecurity Training". It is made up of six training videos and six corresponding training modules with a few questions. For Cybersecurity Training, Zurich Switzerland is cooperating with the internationally renowned company SoSafe.

Protect business secrets

Patrick Brielmayer considers the theft of company data to be the greatest cyber risk in Switzerland: "Every SME has its secrets with which it also makes money – ideas, recipes, construction plans or customer data, such as credit card numbers, bank data or insurance numbers." If this data gets out, it's pretty serious." Daniel Nussbaumer from the cantonal police force also confirms this. Every SME could become a victim and therefore has to ask which of its data need particular protection.

Entire web pages falsified

For Patrick Brielmayer, e-mail applications, faked complaints or product queries are the perfect vehicles for cyber attacks. These days, classic phishing e-mails are also often so well made that even an attentive reader could be deceived by them. Sometimes the hackers even forge complete web pages with forms, which cannot be distinguished from those of telecom companies or online department stores. Or the cyber criminals pretend to be technicians and ask for customer data by telephone.

Online shops particularly at risk

Companies with online shops are particularly at risk, in Brielmayer's view. If these are crippled with a so-called DDOS attack, business can break down for hours or even days. "It's even worse if customer data is stolen or published. I know of such cases – and they have far-reaching consequences." Patrick Brielmayer even thinks some Swiss companies may be paying "protection money" regularly to avoid having their online shops hacked. Daniel Nussbaumer from the cantonal police force does not know anything about this. He is convinced that with current technical precautions, a relatively large number of DDOS attacks could be prevented. "Yet there is no 100 percent protection – because hackers always discover new ways."

When hackers plunder accounts

Once the cyber criminals are inside the network, they procure the credit card data of customers, for example, use it to buy bitcoin and charge prepaid credit cards, explained insurance expert von Watzdorf. For SMEs, the reputational damage is above all relevant, but claims for damages can also arise. 

If their own money is stolen, many SMEs feel secure, which is a mistake. They believed their banks would be liable for the losses. "But that's incorrect," according to the Zurich expert. The cause in any case usually lies in the IT of the SME affected: For example, the hackers install a Trojan and observe the bookkeeper until s/he logs into their e-banking account. "The hackers then take over the session while the employee stares at a black monitor. Later he finds out CHF 100,000 have been transferred."

Anyone can become a victim

From Patrick Brielmayer's point of view, catching cyber criminals is very difficult, "They can be anywhere in the world." Daniel Nussbaumer sees this differently, "Complete anonymization doesn't hold up forever, because the perpetrators are people too. And people make mistakes." In addition, the Zurich cantonal police cooperate closely with the police authorities of other cantons and countries. "Consequently, we certainly have opportunities to catch foreign perpetrators too." Even money withdrawn can often be recovered.

Preventing attacks through reconnaissance

Nussbaumer regrets that many companies do not bring any criminal charges, "We probably only see a small portion of the cases. Consequently, we lose the opportunity to clarify the situation." His recipe for preventing cyber risks from becoming a catastrophe, "Prevent attacks through good IT and sensitization of the employees towards this issue. Limit possible losses. And if something happens after all: do not hesitate to contact us. It's no disgrace to become a hacking victim – it can happen to anyone."

Protect yourself against cyber attacks

Cyber attacks can never be completely prevented, but you can protect yourself against the consequences. The new Zurich Cyber Insurance for SMEs covers certain costs of a hacker attack, such as for cleaning up computer devices after a virus attack or for restoring data. In addition, the insured are given access to experienced attorneys, who can provide advice on immediate measures. Optionally, you can also protect yourself against the financial consequences of a business interruption after an attack, or insure yourself against the theft of funds if a hacker has gained access to your e-banking.

Zurich SME Magazine issue 5 published on September 20, 2021

The magazine for companies

Inform yourself about new trends, read captivating company portraits and learn important facts about your most biggest risks as an SME – and how you can mitigate them.

More articles

Woman using an analysis device

Hackers set their sights on hospitals.

Hospitals bear great responsibility for their patients. This makes hacker attacks all the more dangerous for them.
cyber attack

Eight tips for better IT security

How can you reduce the probability of cyber attacks or at least alleviate the consequences?

Cyber security: “There is always residual risk”

Swiss SMEs are considered attractive targets for hackers. That is why it is all the more important to be aware of cyber risks and get the best possible protection against them.