Thursday, 28 June 2012
Honey-pot system used to flush out cyber hackers at German giant Telekom
Most cyber attacks from external sources can be easily prevented if detection and security software is kept up to date, according to Thomas Tschersich, Head of Global IT-security at German telecommunication giant Telekom. He also explained to Commercial Risk Europe how his company uses a honey-pot system to attract hackers in order to trick them into revealing their methods and techniques.
“Between eighty and ninety percent of today’s data leaks could be avoided if companies kept their software in shape and updated,” said Mr Tschersich.
But in order to mitigate the threat of a cyber attack on its systems, Telekom has gone one step further and set up a special online program that actively encourages criminals to attempt a breach.
The so-called honey-pot system creates promising hacker targets, with low security barriers and the suggestion that they hold valuable data, such as customer information or even credit card data.
However, hackers who access the apparent web server do not find anything valuable. Instead, the program analyses exactly how each hack took place. Telekom then uses this information to keep its IT security systems updated.
Telekom keeps between 30 and 40 such honey-pot systems online worldwide, and each is being attacked about 50,000 times per month, Mr Tschersich said. As a consequence, his team of specialists have unearthed around 50 new tools and techniques used by computer hackers.
Telekom’s IT specialists then use the information to direct similar malware at the company’s products before they are sold. In short, they test whether the products stand up to such attacks. “It’s about continuously keeping the system in shape,” Mr Tschersich said.
But even well-organised IT departments cannot rule out the threat of IT risks altogether. “There is always a residual risk,” Marcel Roeder, Senior Consultant with broker Aon, said. He advises companies to think about insurance against data loss or financial damage.
The market for cyber risk insurance is still dominated by British and American insurers, explained the broker. One reason for that is that few German companies have shown much interest in cover, he added.
Mr Vives of Südvers interprets the situation somewhat differently. “Available insurance products have to be adjusted individually to a company’s needs, and that makes them expensive,” he argued. This in turn makes them unattractive to German buyers.
One insurer already offering insurance against IT risk is AGCS, the industrial risks subsidiary of Allianz. Its all-risk contract helps cover damage to IT systems as a result of attacks and subsequent business interruption.
“Additionally, the contract helps when workers damage the IT by intentional or accidental installation of malware,” Hans Poettker, Global Head of Engineering at AGCS, explained.
The yearly premium for cover ranges between about €20,000 and several million euros, depending on the size and risk profile of a company.
But German companies are rather hesitant to take out the cover. According to Mr Poettker, AGCS has sold fewer than 50 contracts. Cover is at present restricted to between €50m and €100m. “Our solution is no final answer,” Mr Poettker said. “IT risks are changing constantly and the needs of customers do so with them.”