Playing it safe
Has your home ever been broken into? Even if it hopefully hasn’t happened to you yet, you probably still know exactly what to do. Call the police, don’t destroy any evidence, call the insurance company. But what if someone breaks into your computer rather than your home?Invisible intruder
Virtual burglars don’t leave behind any broken glass – and your data would likely still be on your hard drive. You might not even notice the theft. If you do realize your data has been breached, however, you need to act fast.
Security is a must for everyone
Not only individuals but also public authorities and companies can become targets of a cyberattack: according to a 2021 study by the Bitkom digital association, 88 percent of German companies were affected by cyberattacks in 2020/2021. The financial damage caused by such attacks is calculated to be more than 220 billion euros a year in Germany alone. In addition to financial losses, cyberattacks can also have other serious consequences – if an attack on the power grid interrupts the energy supply, for instance, or if cybercriminals gain access to civilian or military infrastructures. Given the increasing level of connectivity and digitalization, data security must therefore clearly have top priority.Joining forces to fight against data thieves
Deutsche Telekom Security GmbH is one of the world’s largest digital security providers, the market leader in Germany, and the hub of cybersecurity expertise for the entire Deutsche Telekom Group. For many years now, we’ve succeeded in protecting more than just our own infrastructure. Our customers are offered the same, highly professional solutions that are used to protect Deutsche Telekom itself around the world. Telekom Security works closely with prominent organizations in Germany and at EU level, including the Federal Office for Information Security (BSI), the Bundeskriminalamt (Federal Criminal Police Office, BKA), and the European Union Agency for Cybersecurity (ENISA). We’ve also joined other companies in signing the Charter of Trust, an initiative for greater cybersecurity. The charter identifies ten cybersecurity action areas, among other things calling on governments and businesses alike to assume responsibility for cybersecurity at the highest levels – something we at Deutsche Telekom do as a matter of course.
Operating 24 hours a day, 365 days a year, Deutsche Telekom’s Cyber Defense and Security Operations Center (SOC) in Bonn never sleeps.
111.2
Our cyberdefense team registered up to 111.2 million attacks per day in 2022! Even though most are not targeted attacks, but rather automated attempts designed to discover weaknesses, this number is still alarming.
The strong line
of defense
But it’s not just there that we’re keeping a close eye on things: Deutsche Telekom’s integrated SOC network not only includes the master SOC in Bonn, but also other sites across the world. Our experts analyze security-relevant data and systematically combat cyberattacks there around the clock. And the number of attacks is continuing to rise dramatically: companies from all industries are exposed to increasingly aggressive and sophisticated cyberattacks. Our security experts monitor large parts of the internet and can also see almost in real time on a world map where attacks are currently taking place. Our honeypots act as an early warning system. These virtual traps lure hackers into attacking them by simulating weaknesses. Our experts can then analyze the intentions and tactics of cybercriminals. In the event of criminal activity, our IT forensic specialists are also brought in to reconstruct attacks and secure evidence. We use the information obtained to continuously improve our cyberdefense technology. This gives approx. 200 security specialists a comprehensive view of the constantly changing threat landscape at all times, allowing them to recognize, ward off, and analyze attacks. Beware
of misuse!
The Deutsche Telekom security team processed over 1.7 million critical security incidents in 2022. In addition, tens of millions of IP addresses are reported annually under suspicion of misuse. One example of such misuse is when a computer belonging to a business customer or consumer is infected with malware and attacks other computers or sends spam via a Deutsche Telekom internet connection. We are alerted about this by sources such as security organizations or our own honeypots. 7
We have seven days to investigate the reported misuse of internet services and to identify the customers affected. After that, the relevant IP addresses stored are deleted in accordance with statutory regulations.
When danger strikes
We look into all reports received. In the event of misuse, we identify the affected customers and send them a guide on how to remove the malware from their computers. If attacks from a customer’s computer continue, we take additional steps. To protect other users, for example, we can temporarily block individual services such as email. Once compromised customers have resolved the problem independently – with the help of their own chosen expert or following the advice of our security team – the blocked service is reactivated.Thomas Fetten, CEO of Deutsche Telekom Security GmbH
Attacks target company networks
Working from home is becoming increasingly popular and a key part of current working practices. However, this clearly means data security needs to extend beyond company premises, too. Hackers are also targeting people working within their own four walls because, in many cases, home networks are not adequately protected. People working from home should protect their network connection with a password or code. A secure link to the company network should also be ensured. A VPN connection is one possible option.Deutsche Telekom staff working from home are also protected by a special firewall that makes it as difficult as possible for would-be attackers to gain access. However, our staff’s expertise plays a similarly important role when it comes to fending off cyberattacks. For example, they can use the interactive online game “Home Office Hero” to familiarize themselves with all the key security considerations relating to working from home.
The human factor
Germany’s Federal Office for Information Security warns that cybercriminals are masquerading as officials online and asking people to reveal company-related data. Another ploy is to send viruses via email. Clicking a link without thinking can freeze an entire computer, which is only reactivated on payment of a bitcoin ransom. Phishing emails of this kind land in digital mailboxes day in, day out, and people – rather than the IT system – are the weak link exploited by such social engineering scams. This is because when it comes to social engineering, cybercriminals use human characteristics such as a willingness to help, fear, or trust to achieve their goals. To ensure that these scam tactics never succeed, you must follow a few ground rules: be aware and do not transfer any confidential data to dubious contacts. You should also be careful about revealing personal information on social networks, as it can be put to fraudulent use. If in any doubt, it’s better to ignore emails or phone the sender to obtain verification.
Security for small companies
Smaller businesses also fall victim to cyberattacks. In many cases, they only have limited financial resources available for IT and data security. Consequently, we’ve joined forces with security service provider WatchGuard to develop Business Network Protect – a special cyberdefense solution geared to smaller companies that offers them an ultra-secure firewall, including hardware and firewall management in real time. This makes it easy for customers to make their company data reliably secure – without any technical know-how. The solution also protects staff working from home. Business Network Protect is available for a fixed monthly charge, so there are no high one-time costs. For more information, click here.