For some years now Trojans have been spreading fear and terror.
The malicious software, with its sonorous names like WannaCry, Petya or Emotet, causes companies and authorities to riot and cause millions of dollars in damage. At the moment, another large-scale Trojan wave is causing trouble. Recently, in a hospital in the administrative district of Upper Bavaria, all Windows servers and computers failed after a Trojan attack; a well-known mechanical engineer from Munich had to reduce production for weeks due to several encrypted computers, … these are only a few prominent examples of recent times. The malware: Probably an old friend – Emotet. Nevertheless it hits many companies unprepared.
For years hackers have been successful with their Trojans again and again.
In Germany alone, cybercrime causes annual damage in the double-digit billion range – and the trend is rising. But cyber attacks could have even more drastic consequences in the future. Companies only have to implement the simplest principles and finally renounce the misconception that the purchase of security software could suffice as protection. Anyone who thinks like that will be caught sooner or later,” says Schartner. From his daily work he knows: “Effective protection is only possible if a meaningful mix of prevention, detection and reaction measures is used.
Trojans spread with the simplest methods
The methods used by hackers are by no means new. All the more frightening is the fact that it hits companies unprepared again. Unintelligible. The examples show that dangers were not taken seriously or underestimated. Only in this way can it be explained that Trojans could spread and cause horrendous damage with the simplest methods and by exploiting long known security gaps and faulty system configurations.
Tojans with spy modules, ransomware and financial manipulation modules:
Anything is possible. “With the right authorization and configuration concept combined with professional vulnerability management, such attacks can be avoided,” says Schartner. Because the vulnerabilities that promote propagation are often known for a long time. The problem is that serious security vulnerabilities often remain unresolved for months or months. Obviously, board members and administrators still believe that firewalls, VPN servers and antivirus software are perfectly sufficient. A fallacy. The best technical protective measures are of little use if they are interspersed with security gaps or can simply be circumvented. A single error can be enough to open the door to the spread of malware.
But current Trojans can do even more.
If they have infected a system, they have the possibility to read Outlook contacts and entire communication processes of their victims. This enables them to automatically send phishing emails with infected attachments on behalf of their victims.