Countering hacker attacks on the logistics industry
The Schleswig-Holstein regional group of the BVL, together with logineer, hosted a business lunch on the topic of hacker attacks on the logistics industry. The exciting speakers - a friendly hacker, an employee of the German Federal Criminal Police Office (LKA) and an IT security expert from logineer's parent company q.beyond AG - showed how cyber attacks happen and how to protect oneself against them.
Over the past year, a large number of cyber attacks have been carried out against the German logistics industry, some of which have caused a great deal of damage. Often, the hackers would only release the encrypted data after paying a ransom that could run into the millions of euros and/or bringing down the company's IT for days. This was reason enough for the German Bundesvereinigung Logistik (BVL) to organise an information event for members and interested parties.
Host Jan-Ferdinand Lühmann, Branch Manager of DACHSER SE and Deputy Regional Group Spokesperson of the BVL Schleswig-Holstein, had invited them to the DACHSER Logistics Centre in Neumünster. There, the focus quickly turned to fundamental questions:
- How do cybercriminals work?
- How can you protect your own business from cyber attacks?
The three experts, who presented their views and engaged in lively discussions with an interested audience on 23 February 2023, agreed: Prevention and contingency planning are essential!
Deep fake - and now the Federal Chancellor is speaking
Donald Ortmann had come up with something special for the 25 participants: The Hamburg IT expert works as a pentester. Using friendly hacker attacks, he identifies weaknesses in companies' IT security on their behalf.
At the event, he demonstrated how easy it is to manipulate websites and media content - known in the trade as deep fakes. For example, instead of Ortmann's face, the likeness of German Chancellor Olaf Scholz suddenly appeared on the screen, and he immediately addressed the audience - a deceptively real fake.
According to the expert, another method often used by cyber criminals is identity theft. For example, sometimes all a fraudster needs to know is the information printed on an employee ID card that a new colleague posts on a social media channel. Using the stolen personal information, they could access the company's systems. In the case of logistics companies, container transports would be diverted in this way and then robbed. "That is why safety starts at the factory gate," emphasises Ortmann.
"No backup - no compassion"
Henry Georges appeared in front of the auditorium with an eye-catcher: With the words "No backup - no compassion" on his T-shirt, the expert from the Hamburg State Criminal Police Office (LKA) made it clear that he has little sympathy for companies that do not back up their data. Of course, even this does not always protect against hacker attacks and the damage they can cause.
Georges, who regularly trains on topics such as awareness and backup strategies for the LKA's Central Cybercrime Contact Point (ZAC), explained how to prepare for an attack: Having a contingency plan in place that identifies the people responsible and the procedure to be followed is essential. In the event of an attack, an interdepartmental emergency response team should be set up, as many areas and issues will be affected. He also recommends seeking advice from the police in the event of an attack, especially if a ransom is being demanded.
Indeed, many guests were particularly interested in the topic of ransomware: Should you pay to get your data back?
According to the LKA expert, this is a matter of consideration and ultimately a business decision - depending, for example, on the amount claimed and the suspected damage. Negotiations with the hackers are often unavoidable. Ransom payments cannot always be avoided. But if you pay once, you might as well pay twice. So cybercriminals often attack the same company again.
Technical and organisational measures against hacker attacks
The third part focused on a holistic IT security strategy. A short introduction was given by Pascal Eggert, Managing Director of logineer. He emphasised the importance of preventing attacks or bringing them under control.
Stefan Peter, Head of Cyber Security Services of the IT service provider and logineer parent company q.beyond, provided the details. Peter is in charge of the cyber security portfolio of logineer and q.beyond (SIEM, EDR and Vulnerability Management Services) and advises and supports companies in the design and implementation of a suitable security concept.
His presentation covered, among other things, the "seven layers of security" - i.e. the areas of the enterprise that require protection, from A for application to U for user. In fact, according to Stefan Peter, the users - i.e. the internal IT users - pose a very high risk. This is why he recommends organisational measures, such as training. These should be in addition to technical measures: "The training and awareness of employees is a key factor in the prevention of hazards. logineer offers so-called Security Awareness training courses for this purpose.
More information on cybersecurity for logistics
Overview on the logineer website: Take care of IT security now
Cyber security solutions from logineer:
- Cyber security for all logistics processes (PDF in German)
- Security Awareness Training (PDF in German)
- EDR (Endpoint Detection and Response) (PDF in German)
- SIEM (Security Information and Event Management) (PDF in German)
- Vulnerability Management Services (link to website)