- 46 million attacks on digital traps in April
- Telekom publishes statistics on attacks
- Conference on Cyber Security to begin tomorrow in Potsdam
Deutsche Telekom is drawing attention to the growing dangers posed by hackers. At the beginning of April the Group had 46 million daily attacks on its honeypots. This is a new record. On average there were 31 million attacks per day last month. In April 2018 the average was still 12 million. The April 2017 figure was still 4 million. The number of attacks is rising exponentially. The Group announced this in the run-up to the Potsdam Security Conference which begins tomorrow.
Honeypots are digital traps on the Internet. They are comparable to honey baits for bears. The company deliberately attracts attackers. Telekom analyses the attacks and uses its experience to make its own systems and those of customers more secure. In April Deutsche Telekom laid out almost 3,000 different traps on the Internet. The number of attacks on the baits of the telecom companies is regarded in the industry as a stopping point for cyber security. They show how busy hackers are on the Internet.
Dirk Backofen, Head of Telekom Security, says: "We will see fifty billion devices on the internet next year. Everyone and everything is connected and needs cyber security. Nobody can do this alone. We need the army of the good. We share our knowledge to immunize our society against cyberattacks. Only by working shoulder to shoulder between politics, science and the private sector will we be able to successfully put hackers in their place."
More than a quarter of hackers aim to control other people’s computers
Deutsche Telekom also publishes statistics on attacks on bait traps. According to this 51% of the attacks were aimed at network security. Hackers concentrated on interfaces for the remote maintenance of computers. In 26% of the cases the attacker was concerned with controlling other people’s computers. Around 7% of attacks were aimed at passwords. Internet sites accounted for 5% of the attacks. Telekom Security observes three to eight unknown attack tactics every day. The company learns defense for itself and its customers from an average of 250 new hacker tricks per month.
In April 110,000 customers were concerned about password theft
Password theft is a major concern for Deutsche Telekom's customer service. Around 110,000 customers had this concern in April and called the hotline. Again customers are falling for phishing. The starting point for such attacks is fake e-mails. They look deceptively similar to those of banks, savings banks, online mailers or telecom companies. They are aimed at fraud. Victims give out customer passwords or access data. The attacker uses these for his own purposes.
Attacks by hijacked computers have increased massively
Attacks on Deutsche Telekom's fixed and mobile networks are also becoming more intense. In April botnets fired 5.3 trillion data packets at Deutsche Telekom. In the previous year the figure was 330 billion. Botnets consist of a large number of hijacked computers or smartphones. These send together data packets to a target under external control. If the target cannot withstand the onslaught of data it collapses. Telekom has installed sensors at the transitions from its network to the Internet. They found out: Botnets use internet surfers of enterprises. They attack where companies inevitably keep data paths clear. And unprotected by firewalls. The hijacked zombie computers lurk where the internet browser receives its data packets from the world-wide web.
Hacker industry and AI put cyber defence under pressure
In addition to exponentially rising numbers Telekom Security is registering fundamental trends in cyberattacks. For years a hacker industry has been emerging. Groups specialize in certain types of attacks and offer them. A customer then assembles the services of different groups according to need and goal. Most hacker groups still come from China and Russia. The proportion of attacks with artificial intelligence is increasing. Attacks are therefore much more successful today. Cyber defence is putting this under pressure. It counteracts more and more with countermeasures in real time.
Center for Cyber Defense in Bonn protects Telekom and companies
The integrated Cyber Defense and Security Operation Center (SOC) protects Deutsche Telekom's IT. The Group founded the center in Bonn in 2017. It is the largest of its kind in Europe. The SOC also protects several DAX 30 companies and a large number of other companies. Telekom has similar centers worldwide. All are networked with each other and form a network together with the SOC in Bonn.
240 experts fend off attacks in the SOCs around the clock. They analyse what hackers intend to do or are capable of doing. And investigate your tactics (threat intelligence). IT forensics are also involved in criminal activities. They reconstruct attacks and secure evidence. With all the information gained, Telekom improves its own technology for cyber defence. The honeypots installed worldwide provide important data. The SOC is one of the largest and most modern defense centers in Europe.