As the German Government reviews its information security measures following one of the biggest cyber attacks on the Bundestag, the German defence minister, Ursula von der Leyen, has warned of the growing danger posed by cyber attacks.
Von der Leyen called cyber attacks “one of the biggest challenges for international security in the coming decades”, saying they can “cause enormous damage” to the country’s economy and public services, according to the newspaper Welt am Sonntag. Her comments echo those made by British Prime Minister David Cameron and US President Barack Obama in recent months, with Obama in January calling cyber attacks an “urgent and growing danger”.
Bundestag cyber attack affected up to 20.000 accounts
Late last month, German news magazine Spiegel Online reported that the Bundestag – the lower house of Germany’s parliament – had suffered a cyber attack that affected up to 20.000 accounts on its networks. As of last week, the attack was still believed to be ‘live’ and stealing data from Bundestag computers, which has led some to suggest that the entire network needs to be replaced.
A computer in German Chancellor Angela Merkel’s legislative office was one of the computer’s hit by a cyber attack.
Ongoing Bundestag cyber attack is shameful, says security expert
Alan Calder, founder and executive chairman of IT Governance, says: “A government institution suffering a cyber attack of this nature is embarrassing enough, but having it running live for more than a month is quite frankly shameful.
“An organisation of that size should have the infrastructure and resources in place to defend against such an attack, or at least recover quickly from it.
“We strongly recommend that EU organisations test their network and web applications regularly to identify vulnerabilities and fix them before criminal hackers exploit them.”
Regular penetration testing is recommended to identify and fix vulnerabilities within your systems
For organisations concerned with vulnerabilities within their systems and that want the testing in place to identify and fix weaknesses before criminal hackers exploit them, security experts strongly recommend regular penetration testing.
Penetration testing involves simulating a malicious attack on an organisation’s information security arrangements, often using a combination of methods and tools. It should be conducted by certified ethical professional testers (such as CREST-qualified staff), and the findings will detail the security measures that your organisation can use to improve its cyber security posture.
As a CREST member company, IT Governance has been verified by an independent body attesting that our work will be carried out to a high standard by qualified and knowledgeable individuals.
Our Web Application Penetration Test combines a number of advanced manual tests with automated vulnerability scans to ensure every corner of your web applications are tested.
Our Web Application Penetration Test will:
- Carefully scope your testing environment
- Perform a range of manual and automated tests
- Provide a detailed report that explains the vulnerabilities found and recommends measures to address them
- Deliver an executive summary that is perfect for your management team