Encountering dangers – minimising the risks

Businesses and universities in Saxony-Anhalt are working at full pelt on solutions in the large-scale building site of IT-security

There is no such thing as “one hundred percent security” and there probably never will be. According to the definition of the German Federal Office for Information Technology Security, IT security is “a state in which the risks that arise during the use of information technology due to threats and weaknesses are reduced to an acceptable level with the use of the appropriate measures." For digitalisation to be able to succeed, cyber security is an essential prerequisite, and the number of companies operating in this area in Saxony-Anhalt is growing accordingly. For example, the company AV-Test GmbH has become a world-leading provider of IT security and anti-virus research services; the company DIGITTRADE GmbH is developing and producing external hard disks and USB sticks with hardware encryption, as well as certified solutions for the storage of sensitive data on mobile storage media. It therefore comes as no surprise that IT security and data protection are key focal points of the "Digital Agenda" which is currently being developed in Saxony-Anhalt under the aegis of the Ministry of Economics, Science and Digitisation.

“One in every two companies in Germany is affected by digital attacks, which result in some 52 billion Euros of damage per year,” highlights Franz Weisbrich. Franz Weisbrich is an industrial engineer and the executive chairman of the company "Sengi IT", a start-up from Halle. Four young professionals, graduates of business administration and computer science, founded Sengi IT with the help of the start-up service at the University of Halle. "We offer a highly secure cloud storage service for decentralised teams," explains Franz Weisbrich. The cloud solution is easy to use and provides employees with secure access to company data, also when they are on the move. The data is encrypted, split into small parts and then stored in various independent data centres in Germany. In cases of attempted theft, attackers are unable to make head or tail of the “snippets”. "And no one knows, not even ourselves, which data is stored where," emphasises Franz Weisbrich. Sengi IT wants to present its products at the CEBIT trade fair for the first time.

Sandro Wefel, a computer scientist at the University of Halle, describes the topic of IT security as being a “large-scale building site". A university, for example, is particularly susceptible to attacks due to its structure. "Our networks are protected differently from companies; they are more open so as to ensure the freedom of our teaching and research. In addition to this, many devices are connected to our systems which have not been designed for security, such as robots. And then there is the fact that employees and students work with their own devices, which are susceptible to transferring malicious software onto the university network,” explains Dr. Wefel.

In a project developed together with Harz University of Applied Sciences, Dr. Wefel is hoping to bring about added security. Users will be able to identify themselves in the online university services with a smart card which is very difficult to forge. It is envisaged that only a card reader and a PIN will be required and the use of a password will be omitted. Equipping employees and students with chip cards, however, is currently too complex. Dr. Sandro Wefel hopes that the results of the project can be implemented by 2020 at the latest on the basis of the distribution of an electronic ID card which could then be used as a smart card.

There can be no doubt that the situation is urgent. Private and public organisations are now dependent on IT systems in all their areas of business and people are using them more and more frequently in their daily lives. And at the same time, the threats are growing: data theft, sabotage, espionage, technical system failures and the misuse of systems by changing the published content, for example. The threats often go unnoticed and are usually only recognised in the event of damage, and they come in many forms. Malware such as trojans, computer viruses, and also ransomware, botnets and identity theft are currently causing damage that runs into the billions of Euros.

The BSI describes a new kind of the threat in its current situation report: "The increasing extent of digitisation and networking due to developments such as the Internet of Things, Industry 4.0 and Smart Everything is offering cyber attackers new potential areas of incursion almost every day, as well as extensive possibilities to spy on information, sabotage business- and administrative processes, and to enrich themselves at the expense of third parties with the use of criminal methods.” With simultaneous freedom of information, solutions for the areas of data protection and data security will not only continue to experience a boom in Saxony-Anhalt; the search portal https://forschung-sachsen-anhalt.de/ of the federal state of Saxony-Anhalt also lists in excess of a hundred projects from the last years in which researchers and businesses have addressed the issues surrounding IT security, whether it is in the fields of agriculture, healthcare, tourism or motoring.

Author: Anja Falgowski

photo: T-Systems