Critical infrastructures are popular targets for cybercriminals.

Even the healthcare sector is not spared by cybercriminals. As early as January 2022, a hospital network on Lake Constance became the target of a cyberattack. But small and medium-sized enterprises are also in the focus of hackers.

Electricity, water, cash, and medical care are things we take for granted. We only realize how much when these critical infrastructures (energy, water, food supply, information technology/telecommunications, healthcare, transport/traffic, as well as financial/insurance services) fail. Supply shortages may occur, causing price increases or even endangering public safety. Operators must therefore regularly demonstrate to the Federal Office for Information Security (BSI) that effective measures are in place to protect the systems.

Worst-case scenarios

A lucrative target for criminals at the moment is the healthcare sector. Due to the sensitive data involved, the BSI states that the extortion potential there is high. Affected institutions are very likely to comply with ransom demands.

At the beginning of January 2022, a hospital network on Lake Constance fell victim to a cyberattack. As a precaution, all servers and devices were shut down.

In the worst case, hospitals affected by malware have to shut down operations. Then, neither surgeries can be performed, nor digital patient records accessed, nor medications administered. The hospitals on Lake Constance were unable to admit new patients for several days but were still able to care for those already admitted.

Lucrative Targets

In the past, large corporations were lucrative targets for hackers. Today, small and medium-sized enterprises are also of interest, since ransom is often paid to avoid data protection violations such as the publication of sensitive data. In addition, hack-bots often do the preliminary work. These programs automatically search for poorly secured systems and attack them. If successful, hackers then plan the next strategic steps.

In 2020/21, 9 out of 10 companies fell victim to cyberattacks, causing an average loss of 6.5 million euros per company. How can you protect your IT?

Certificates – the basis for cybersecurity

Regular software updates as well as data encryption using digital certificates help minimize risks. The latter are used, among other things, for digital email signatures, VPN connections (home office), or to secure devices that transmit data over the internet (webcams, medical equipment).

For security reasons, the validity of certificates is limited. They must be renewed in time, otherwise system failures may occur. Since certificates are used in many areas of a company, a certificate management tool such as essendi xc is advisable.

The requirements for the management and handling of digital certificates are defined in guidelines and standards such as ISO/IEC 27001.

essendi xc supports the implementation of measures within the framework of ISO 27001 in the field of cryptography. It documents the complete lifecycle of all digital certificates in the company. During an audit, you can provide proof of your procedures at any time in a revision-proof manner.

Subscribe to the free essendi it newsletter.

SIGN UP NOW AND STAY INFORMED.