Security Against Cyberattacks with Active Patching
Hackers often sneak unnoticed into companies’ IT infrastructure. One popular method is to gain access through phishing emails or by exploiting security vulnerabilities, and then to access not only the company’s IT systems, but also connected systems. Frequently, the hackers then strike with ransomware, deleting and/or encrypting backups and data. The company being attacked often fails to notice until it is too late. The damage is great, since not only do the IT systems have to be reinstalled but such a cyberattack also has a negative impact on production. Companies often need several years to recover from an attack. Many companies cannot make it and go bankrupt. On the other hand, a global industry like ours cannot forgo worldwide networking.
In its May 2022 study “Cyber Security in Austria”, KPMG Security Services determined that the top methods of attack used by hackers are phishing, accounting for over 50% of attacks, and malware, accounting for 39%. There are also deepfakes, i.e., phishing combined with high-tech manipulation, for example using AI (artificial intelligence), and, above all, ransomware attacks. Many hackers have the same goal – to extort millions.
Countermeasures and Security Strategies
Companies’ first countermeasure should be to get an overview of their entire system before a cyberattack even occurs. In particular, they should consider functionalities and interfaces of components and identify possible vulnerabilities. The measures also include a comprehensive data backup.
On the software side, there are several security strategies. Hardening is the process of restricting access to the system from the outside. In virtual patching, the virtual patch bypasses the vulnerability, but does not eliminate it entirely. In active patching, in contrast, security updates are regularly applied to the system, actually eliminating the existing security vulnerabilities. However, this is not a one-time action – it needs to be carried out regularly, because what counts as a secure interface today may already be something a resourceful hacker can crack tomorrow. That is why it’s important to always stay one step ahead. And keep in mind that the longer it takes to detect a hack, the more expensive it becomes.
Comprehensive Cyber Security Service, Even for Existing Systems
The core of SSI SCHAEFER’s “Cyber Security Service” is active patching. Although we primarily offer this process for new systems, it is also being used more and more in older systems, for example in the course of a retrofit. SSI SCHAEFER has an experienced team of experts who implement the measures and can be reached around the clock in case of emergencies for remote service.
At first glance, comprehensive cyber security measures can seem quite expensive. However, the example of the cyberattack on Maersk in 2017 shows what can happen without protection: The NotPetya malware caused around $300 million in damage, and Maersk had to reinstall 45,000 client computers and 4,000 servers worldwide. This quickly puts the effort and cost of security into perspective.
About the author:
Admir Sipic graduated from the “Höhere Technische Lehranstalt (HTL) Graz” with a specialization in Computer Engineering, then completed his Bachelor's degree (BSc) in Industrial Management/Industrial Economics in Kapfenberg. In 2010, he started his career at SSI SCHAEFER in Remote Support in the Customer Services business unit as an IT technician in Graz, and five years later took over responsibility for the entire department as Head of Remote Support in Graz. Since 2020, Admir Sipic has been responsible for Remote Service on a global level and holds the job title VP Global Head Remote Services at SSI SCHAEFER.