Hacking Garmin: So half of the attacks could run into the Void

Always security vulnerabilities, and data leaks make headlines, especially when these are found in products of global giants like Facebook and Google, which we

Hacking Garmin: So half of the attacks could run into the Void

Always security vulnerabilities, and data leaks make headlines, especially when these are found in products of global giants like Facebook and Google, which we use directly or indirectly. So also in the case of the American fitness company and gadget manufacturer Garmin, in the case of the alleged hacker caused the attack for a long system outage.

The accurate observer will find in the specialized media daily news about new safety problems with local Software and Cloud providers. So it was, not least, in the case of SAP, the German technology leader for Enterprise Software, a critical vulnerability is found, the 40,000 SAP customers threatened.

security vulnerabilities

taboo are Not rarely remain such vulnerabilities weeks, months, sometimes even years undetected. Much does not even come to light, because, after all, scratch any negative message to the Reputation of a company. Thus, it is not uncommon that software manufacturers are well aware of the occasions Software to provide the gaps or errors, in order to save costs. Often, these problems are solved in the current operation, in the hope that nothing Bad happens. About the author

Sergej Dechand CEO and Co-Founder of Code Intelligence. The company places a value on complex software testing to make methods for the developer easier. He has relevant experience as an external software developer and IT consultant for different DAX-and as a project Manager at the Fraunhofer FKIE. In addition to his duties at Code of Intelligence, he is actively involved in research in the field of Usable Security of the University of Bonn, where he is also active as a lecturer.

Despite numerous safety certificates and more expensive seal of approval, there are a lot of productive the used Software with numerous security vulnerabilities, which can be found with standard Testing methods such as Fuzzing. These, with the exception of global technology leaders, are hardly used, mainly due to the shortage of skilled workers, as the IT Security specialists are rare and expensive.

The demand for software solutions for Automating the security testing is growing increasingly. The Supplement of those solutions, which can be without great effort in the existing infrastructure and development processes to integrate and master. In most cases, but these are insufficient and not effective enough to avoid the majority of security gaps.

inadequate measures to secure the infrastructure

The software manufacturers are not only for successful hacker attacks. Many hacker attacks are simply due to configuration errors, security vulnerabilities in its own and foreign infrastructure. Many companies try to with anti-virus programs, test seals, and intrusion detection systems (IT security tenkreisen often referred to as “snake oil” ridiculed) to provide security in your infrastructure.

you have been lulled into a false sense of security, because the protection programs can have a maximum to protect against known attacks and pests. Hackers are resourceful and continuously develop new methods and Malware, which pass through the shield freely. It takes some time until new methods can be discovered and combated. Until then, hackers have hit in case of doubt, many thousands of times over the course.

And as absurd as it sounds – often the protection programs themselves that have their complexity via security loopholes and thus as the gateway to the sensitive technical infrastructure of the company to serve it.

In regular, time would prevent Updates many security threats. But as long as the Software runs smoothly, is aimed at preventive measures, usually no thoughts to waste. In General, the understanding of IT security is low.

The most successful attacks are to be protected a result of outdated Software

against hacker attacks, it needs shields not more complex or more expensive protection, which represent a further potential source of danger. It is the simple, obvious solutions are the promise, the successes. Studies show that between 30 and 60 percent of the Leaks are simply due to outdated software versions, which have not been timely updated. Update notices and warnings are ignored by users most rigorously, even if this includes a lot of clicks day-to-day are needed to these alerts to unclick. A consistent Update strategy is easy to implement, requires significantly less resources and increased protection against cyber-attacks significantly.

Software associated with security gaps in Google

should the topic of safety play in the selection of the Software a major role. There are numerous manufacturers and seal of approval, which are repeatedly noticed by inadequate Test methods. If a trademark is not explicitly for its good reputation in terms of safety, one can assess the outside difficult. Here's a simple Trick can help: Is a Software of choice, should simply be your Name in connection with security vulnerabilities googled.

Not every little message means a disaster. In the case of highly complex solutions, such as those of Microsoft or SAP, it can be in the course of the company's history can hardly be avoided to produce such messages. When Researching, make sure whether safety was the extent of what you have, how long it lasted, until you revealed and were fixed. How to deal with problems says more about the manufacturer than the full-bodied promises of advertising.

IT security must be a top priority

When a company of serious security breaches or data leaks are concerned, customers must ultimately ask whether the provider is still the right choice or there are better Alternatives on the market. Everyone would like to avoid with a software involved in the change effort – time-and financially – like. Safety should always have the highest priority, especially when the valuable trade secrets and sensitive customer data is on the game.

Even the manufacturers themselves need to adjust their own security claim always to the dynamic development of the technology and its products in front of abuse. Global technology leader, already successfully modern testing procedures with a high degree of automation of a sound safety and quality of Software. In order to receive the digital competitiveness of Germany, it is important that these approaches will also be arriving in the DAX and medium-sized businesses.

sawtooth-summer is coming to a head: Only 36 degrees - then the drop in temperature PCP sawtooth follows-the summer is coming to a head: Only 36 degrees - the temperature fall of mobile phone to slow? So you storage space on your Android Smartphone free FOCUS Online/Wochit mobile phone to slow? So you storage space on your Android Smartphone-free

Best offer BestCheck.de
Updated Date: 27 July 2020, 21:26

You need to login to comment.

Please register or login.

RELATED NEWS