The identity card is becoming digital

The identity card is becoming digital.

Samsung is working together with the German Federal Office for Information Security (BSI), Bundesdruckerei and Deutsche Telekom Security on a hardware-based security architecture that will allow us to store our ID card – and later also our driving licence, health card and other sensitive documents – on our smartphone.

These documents will be stored safely in an embedded secure element.

The eSE (embedded secure element) is a tamper-proof chip that can be embedded in any mobile device. It ensures that data is stored in a secure location and information is only shared with authorized applications and people.

The aim is to provide citizens a simple way to keep sensitive documents safely with them at all times. The solution is the smartphone that almost everyone always carries with them.

Would you store your data such as personal ID, driving licence, health card, etc. on your smartphones? We are interested in your comments.


Security reminder for every “new homeoffice” organization

At the beginning of the pandemic priorities were immediately redefined. For the majority of companies it was the most important concern to make homeoffice possible in order to maintain productivity and keep the business alive. Once this huge project was realized many of us jumped back to overdue business projects and forgot about a very important matter that accompanies the new work environment – it´s own IT security needs.

At home we use our personal network (and in some cases even personal equipment / “BYOD”) that is hardly protected, making it quite easy for attackers to intrude the company network through this weakpoint.

According to many cyber experts and research, the biggest risk still is the human factor and this is why most cyber attacks aim at our digital identities, stealing passwords and manipulate us with social engineering techniques.

Covid-19 accelerated digitalization and new work structures for many organizations all over the planet. We now must not forget to take care of our digital safety in rapidly grown remote work structures.

What is your experience – did your network adapt to “new work”´s security needs?
Cyber Security

As per reports from Hiscox Cyber Readiness, 33% of SMEs were victims of a (known) cyber attack last year.

As per reports from Hiscox Cyber Readiness, 33% of SMEs were victims of a (known) cyber attack last year.

Ole Sviederding – Underwriting Manager Cyber at Hiscox – says according to DATAKONTEXT GmbH ( “SMEs are particularly attractive targets for hackers, as they are generally worse protected against cyber risks than large companies”.

While in large companies departments or staff units are created to secure the IT infrastructure, in SMEs the IT administrator is responsible for the IT security of the entire company in addition to his or her actual activities.

The economic damage in the case of a successful cyber attack quickly runs into the six-digit range. Often, action is only taken after a successful attack on the infrastructure – and thus too late.

Avoid the risk of a cyber attack and implement the latest IT security solutions such as multi-factor authentication or IAM systems.

Stunning FACT: Did you know, that not every hacker wears a hoody or a mask during his hack?

IT security: public cloud can become a gateway for companies

As more and more companies move to hybrid (or even cloud) infrastructure, they need to be aware of security lacks. Many organizations have a workload in the public cloud, containing credentials, passwords or API-keys. Attackers there have a good chance finding a first point of entry to your company.

Even more critical is the fact, that 25% of the companies do not use multifactor authentication for their superadmin cloud-accounts. Nowadays it is very easy for hackers getting their credentials to cause a huge damage in the companies infrastructure.

Be aware that moving to cloud without any security components such as MFA or IAM-Tools could cause massive damages and costs by getting hacked or any other cyber attack. Just remember to have a good security environment around giving intruders no chance to have access to your data.

#cloud #MFA #IAM

MATA: Multi-platform targeted malware framework

Researchers have uncovered a series of attacks that use the advanced malware framework “MATA” against the operating systems Windows, Linux and MacOS. The framework has been used since spring 2018 and is attributed to the notorious North Korean APT group Lazarus. German companies are also affected by the attacks.

The framework itself gives its controllers the flexibility to target Windows, Linux and macOS, and consists of several components including loader, orchestrator and plugins.

As cyber crime continues to evolve, do not allow your companies’ IT security to become outdated.