"Some companies in Germany have seen production or other critical business processes at a standstill for over a week", reported the Federal Office for Information Security (BSI) in July 2017. A malware program called Petya had infected computers via a bookkeeping program and caused damage costing millions. And yet businesses in Germany escaped relatively unscathed. Petya was just one of several malware programs used last year to carry out targeted attacks on IT networks worldwide. Private users were also affected. When Facebook was hacked in September 2017, criminals obtained access to 50 million user accounts.
While cyberattacks are nothing new in themselves, their dynamism has changed. Advances in digitisation and the interconnection of devices and machines in smart homes, industrial plants and utility infrastructures such as energy grids offer increasing scope for criminals to attack. "And the hackers are intelligent", says Professor Jörn Müller-Quade, computer scientist and cryptography expert at the Karlsruhe Institute of Technology (KIT). "Which makes the attacks hard to predict."
The goal: to compile "weather forecasts" for security
Müller-Quade wants to improve the protection of IT infrastructures. To this end, he is pinning his hopes on a cryptographic approach that is based on mathematical models. These models map out security requirements that have been clearly defined in advance. "Not only must they be formulated for individual elements within the system, such as nodal points in the network; they must also encompass all security-relevant properties of the entire system", he explains. Consequently, predictions can be made about security, much in the same way as the likelihood of rainfall is predicted in a weather forecast. That said, such models must be constantly expanded and improved to keep them as up-to-date and realistic as possible.
Model for secure energy grids of the future
Just such a model is currently being developed for future energy grids at KIT's Competence Center for Applied Security Technology (KASTEL). This is a project that sees computer scientists working closely together with electrical engineers. "We depend on an expert knowledge of physics so that we can understand the circumstances for example that cause an energy grid to become unstable", says Müller-Quade.
Numerous IT security research hot spots in Germany
KASTEL is just one of three competence centres for IT security research in Germany that have been funded by the Federal Ministry of Education and Research since 2011. In much the same way as their colleagues in Karlsruhe, scientists at the Center for Research in Security and Privacy (CRISP) in Darmstadt are also exploring application-oriented questions. The third centre in the group is the CISPA Helmholtz Center for Information Security in Saarbrücken, where a team led by computer science professor Christian Rossow is working on what are known as "Distributed Denial-of-Service Attacks". These cyberattacks involve crippling the online services of banks, traders or governments by flooding them with data. Rossow and his research group are developing methods and tools that will analyse and stop such attacks.
"An enormous amount is currently being done in the field of IT security research in Germany", says Müller-Quade, who is delighted that the Horst Görtz Institute for IT Security at Ruhr-Universität Bochum was successful in the latest round of the German government’s Excellence Initiative. From 2019, the principles of IT security will be researched there at the "Cyber Security in the Age of Large-scale Adversaries" (Casa) cluster of excellence. Two other hot spots in cyber security research in Germany are to be found in Munich: the Cyber Defence (CODE) research institute at the Universität der Bundeswehr (only in German) and the Fraunhofer Institute for Applied and Integrated Security. Researchers there are working among other things on mechanisms designed to detect anomalies – caused by hackers – in IT systems in real time.
Users and manufacturers must also act
The Karlsruhe-based crypto-researcher believes that one other aspect is crucial if cyber-criminality is to be combated systematically. And this is something that affects both users and manufacturers of IT devices: "The IT security of devices is not taken seriously enough. Neither by users, who find it too convenient to do nothing, nor by manufacturers. They still view IT security as a lower-level priority and prefer to advertise other functionalities." Jörn Müller-Quade is convinced that comprehensive protection requires not only innovations from research, but also detailed legal requirements.
Competence Center for IT Security at the FZI
The Competence Center for IT Security at the Research Center for Information Technology (FZI) is part of the Karlsruhe Institute of Technology (KIT). It was established to provide small and medium-sized enterprises with targeted support in the area of IT security. This is crucial given that Germany's small and medium-sized enterprises generate more than half of the country's annual sales and nearly 60 percent of its jobs. The researchers at the Competence Center for IT Security at the FZI offer companies risk analyses and IT security tests, among other things.www.fzi.de > Competence Center for IT Security