The human factor

The human factor

Lessons learned from the first day of the SOC Summit.

David Copperfield always said, "The Stage is yours". After three years, our Hungarian partner in the field of Security Operations Center SOCWISE, held their Summit. After three years, well-known personalities from the field of cyber security could finally look each other in the eye again, exchange ideas together, smile together. At 9 a.m., moderator Simon Diez opened the event and gave the stage to the main actors of the event. Already the second contribution of Munich's local hero Ralf Reinhardt on his self-selected topic Behavior in Incident Response received much attention and praise.

Robert Ehlert and Morgan Alexander shed new light on criminal hacker organizations

After the first coffee break, it was time for QUANTUM cyber lab AG CEO Robert Ehlert and Head of Cyber Forensics & Operations Morgan Alexander to present their topic. With the topic "How criminal hacker organizations build cyber threats in companies", the two took the stage and shed new light on cyber security from a corporate perspective. Namely, how attackers go about placing people inside companies, or at least getting them in place to do significant damage to a company. Robert and Morgan presented the three most common scenarios of how hackers proceed.

In the first scenario, the "Hacker GmbH & Co. KG," they described how sophisticated attackers can be. This is because these people set up real companies and recruit people who have major financial problems - and hire them. But what do these companies sell? These companies sell something like vitamin pills or something similar. The hired people are sent to companies and encouraged to insert into the devices there under pretexts, for example, a USB stick and to run a program. This gives the hackers a backdoor to the device's data, and in the worst case, even to the entire system. The worst thing is that the persons who inserted the stick into the system and executed malicious code are seen as the main perpetrators and are dropped by the company at the latest.

The second scenario is the "black hat." As a malicious hacker who uses his knowledge and skills only to harm someone. While Black Hat, is the buzzword of cyber security, few people are aware of how such individuals proceed and what strategies they use to realize their goal. Keywords here are CEO fraud, ransomware and worms.

In the last scenario, Robert and Morgan described the inside perpetrator. The inside perpetrator is usually an employee who turns an employee into someone who wants to harm the company and will do anything to do so. The motivation for this can be for a variety of reasons, including the employee leaving the company or, for example, allowing themselves to be corrupted. In the very near future, we will publish a case study in which you can see what damage inside perpetrators can do.

An interesting afternoon with metafinanz Informationssysteme GmbH, SOCWISE and a promising panel discussion.

After a long lunch break, during which the audience could fortify themselves on site, many great and informative presentations followed, including that of Gerhard Guenther, IT Executive at metafinanz Informationssysteme GmbH, which belongs to Allianz Versicherungsgruppe. His topic was DORA, short for Digital Operational Resilience Act, which was passed by the European Union and now has to be implemented by companies. Guenther spoke about the feasibility, but also the challenges, which arise with DORA. Last but not least, the founder and CEO of EURO ONE, the parent company of SOCWISE, Péter Hunyadi, did the honors and closed the round of speakers with his contribution of an OT lab demo. Simon Diez led off with a panel discussion in which open questions and topics were discussed.

We say thank you to SOCWISE for the invitation, a great organization and to every speaker who did the honor. We can't wait for the next Summit!

Do you have questions about SOCWISE, general questions about Security Operation Center or questions about this article or about the products and services of QUANTUM cyber lab AG? Then please do not hesitate to contact us, our team will be happy to take the time to answer your questions and advise you in detail.

Contact us now