Networked vehicles, smart homes, e-health and online shopping – just a few examples of how Internet-enabled communication and data exchange are having more pronounced effects on our daily lives.
In increasing connectivity, one also increases the potential for risk. A string of successful and well-publicized cyberattacks go to show: digital threats are not just theory. They hit Internet users and consumers where it hurts, and through channels taken for granted on a daily basis.
For this reason, the cyber security sector has experienced a veritable boom in recent years, with hardly any other sector so desperate in its search for experts. Job prospects could hardly be better for recent graduates, those switching professions and experts in this area.
Hackers ensure security of future Volkswagen vehicles
Even businesses from more traditional industries are developing their future-critical cyber security competencies. For example, two years ago, Volkswagen founded Tel-Aviv-based subsidiary Cymotive in collaboration with a collective of Israeli IT specialists. The company develops security solutions for the next generation of connected vehicles, and in doing so employs a highly qualified team of hackers. The hackers identify potential security flaws in the data interfaces of the miniscule computer chips found in various electronic components, as well as in the associated software.
Both VW and Cymotive keep the names of their hackers confidential, but do provide insights into their work. For example, a so-called Red Team employs the same methods and tools as criminal hackers in order to attack and manipulate the systems being tested.
Cyber security is more than just the technological safeguarding of infrastructure and systems
If a security flaw is discovered, the Blue Team – located next door – develops concrete defensive measures to address it. Even though these experts are located in Israel, they work closely with their German colleagues at the Volkswagen headquarters in Wolfsburg.
The Director of Information Security, Beate Hofer explains: “Cyber security is more than just the technological safeguarding of infrastructure and systems.” It also comprises IT security procedures, risk management and a great deal else. “In order to effectively tackle cyber security, we need new perspectives – and that includes the perspective of the hacker,” continues Beate Hofer.
Ethical hacking for product security
DEKRA also partakes in this belief. At DEKRA's Málaga facilities in Spain, there is a team of so-called ethical hackers. Manuel Mancera explains what their daily workload looks like: “We use the same methods as criminal hackers – but with a positive objective. Namely, to expose weaknesses in the security concepts of products tested by DEKRA.”
There is a wide spectrum of products investigated by the highly specialized team, including systems such as smart home devices, e-health products, and of course connected vehicles. For this reason, Manuel Mancera works in close collaboration with his colleagues from the Product Safety and Connected Car departments.
In this cooperation, everybody involved brings their own perspectives as to what is prerequisite for a comprehensive customer solution. The fact that the team in Málaga are counted among the most learned experts in their field is demonstrated in the fact that they are represented in all preeminent standardization committees across the cyber security and connected vehicle sectors, to which they contribute their experiences.
Honeypots protect industrial clients
In addition to protection for products destined for the end consumer, cyber security also plays a decisive role in industrial applications. Under the auspices of Industry 4.0, production facilities are being connected and linked to cloud services. However, this raises the potential risk of industrial espionage and sabotage.
Countering such hazards is just one of the responsibilities of security specialists, such as those employed by Deutsche Telekom’s Bonn-based ‘Cyber Defense and Security Operations Center’ which was founded at the end of 2017.
One billion security-relevant incidents per day
“We analyze all activities across our international network,” reports René Reutter, Senior Security Specialist. “On any given day, we identify around a billion security-relevant incidents.” Among this astonishingly high number of incidents are attacks on both private clients and the systems of Telekom’s corporate clients.
It is self-evident that such analyses must be automated. Employees such as René Reutter only intervene when the software-based security and filter systems hit the limits of their capabilities. But this is not all that the specialists do – in order to identify and analyze new attack methods, they place so-called honeypots in the network. These are specially prepared systems that – to cybercriminals – appear like industrial facilities with open security vulnerabilities.
They attract hackers like an open pot of honey attracts bees. Experts such as René Reutter can then observe and investigate how the criminals go about their attempts to penetrate the system.
People remain the most important factor
“Even with all the technological solutions available for IT security, one must never lose sight of the human factor,” asserts Mei-Li Lin from DEKRA Insight. She and her colleagues in the Organizational Safety and Reliability Department concern themselves with the relatively new field of Behavioral Cyber Security. She continues: “It is all about giving employees practical and effective cyber security procedures to follow. Even the most effective protection concepts will fail if the rules that users must adhere to are not fit for purpose.”
Healthy cyber habits
It is therefore critical that security regulations are laid out in such a manner that they can be implemented even in the most stressful of situations. “For example, we examine which IT security-relevant decisions employees make when under pressure.” With special coaching, it is possible to train people to employ healthy cyber habits.
And this, according to Mei-Li Lin, is more important and expedient in critical situations than any theoretical approach, which may be cast aside in the heat of the moment.
3 questions for Manuel Mancera, ethical hacker for DEKRA in Málaga, Spain
Mr. Mancera, how does one become a hacker for the ‘good side’?
Mancera: I studied information technology at university and specialized in the discipline of cyber security. When DEKRA began assembling this group of specialists two years ago, I immediately applied and was thus one of the first members in our department.
How does a day’s work for your department look?
Mancera: We work on a project basis, and normally with a specific product. There are, in principle, two testing approaches – black box and white box. In black box testing, we have no idea of any product details, and try to ‘crack’ the products in question with known exploits – that is publicly accessible safety flaws. This is the more common approach. With white box testing, the manufacturer provides us with specific documentation and insider information. This allows for more enetrating tests in specific areas but may also mean that we pay less attention to attack methods outside of the more obvious ones.
How do you proceed once you identify a concrete security weakness?
Mancera: As a rule, the manufacturer takes over at this point and implements concrete improvements to address the identified weakness. Following this, the product comes back to us for further analysis. This may go back and forth a couple of times until we all decide that a sufficient level of security has been established.