14 DAY TRIAL // A collaboration between all entities involved in the security of a digital product reaching consumers is required in order to limit the avenues cybercriminals can take to carry out malicious activity, says Thomas Tschersich, Deutsche Telekom's IT security chief.
Considering the many products that benefit from connectivity these days, and the many security problems developers deal with, creating a security system should lead to better overall protection.
Security should be considered since early beginning
In an interview for Deutsche Welle, the security expert advocated for placing more emphasis on cyber security awareness, which should become available since primary school.
“Children already learn traffic rules before they've started school. But we don't teach them how to get around safely in the digital world,” Tschersich says.
They need to learn about the dangers of the online environment and how to use the Internet in a responsible way.
Since more and more products are now interconnected and can communicate with each other (Internet of Things), security should play a more important role in the development chain. Patching a product for different vulnerabilities should not be the concern of the customer alone, but it should be part of a chain of actors that includes law makers, hardware manufacturers, Internet providers and users.
As it happens with any chain, it is as strong as the weakest link is. That’s why the entire approach should be easy and user-friendly, so that applying updates is not a difficult task.
“Right now, the situation is this: I buy Swiss cheese from the hardware producer and then I have to close all the holes by myself,” Tschersich told Deutsche Welle.
Cybercriminals are quick at devising attacks for mobile platforms
To make his case, the expert reminded of the refrigerator that was used for sending out spam at the beginning of the year. The number of products gaining an Internet connection for increased comfort and functionality is growing, but security standards for them are still to be implemented.
The basic principle that should be followed is that the security as a system requirement should be imposed from the beginning, otherwise flaws appear in the end.
The expert also talked about how fast adoption of mobile technology, Android in particular, led to a dramatic increase in the number of attack tools for this platform.
Cybercriminals seem to develop malware for mobile at a much faster rate than they do in the case of Windows.
According to telemetry data from honeypots, Deutsche Telekom records almost one million attacks on a daily basis. Although most of them are just automated tools for scanning the Internet in search of vulnerabilities, the discovery of more serious flaws is soon followed by professional attacks.