RadarServicesQuarterly-Q1-18 » Radar Cyber Security

Hot Topic

RadarServices expands its portfolio: Industrial Security / Security of Operational Technology (OT) in focus

OT (Operational Technology) is highly interconnected nowadays – both within OT and with IT (Information Technology). Embedded systems communicate independently with one another, plant operators monitor and control remotely, cloud planning systems calculate job steps and machine scheduling, maintenance personnel gain access and make changes to configurations from all over the world.

Nowadays, protective mechanisms for OT and IT are at least just as important as the physical measures taken to protect a factory. Threats can penetrate and manipulate systems via network connections. Malware can completely paralyse vast areas and also cause immense physical damage, as well as putting life in danger. It was clear that factories and plants were the targets of cyber attacks long before the numerous production failures experienced by the multinationals in 2017.

To secure OT and IT, manufacturing companies must establish an effective and efficient security management system for their “smart factories”: Risk identification modules correlate millions of security events and remain constantly on the lookout for new threat scenarios. The results of the correlations then need to get analysed by a team of experts with constantly updated specialist knowledge and skills. The analyses must be able to provide a readily available overview of the critical information that would quickly reveal the presence of a real attack.

RadarServices now offers the necessary technology, experts and processes. Find more information here: Industrial Security

RadarServices continues its strong growth path – awarded again and with a new investor on board!

Two awards for the second time in succession: RadarServices awarded with the “Deloitte EMEA Technology Fast 500 Award” and the “Cybersecurity Excellence Award”

With a sales growth of 1,169% in the period between 2013 and 2016 RadarServices is one of the Top 100 of the fastest growing technology companies in Europe, the Middle East and Africa (EMEA). For this reason the company was awarded with the “Deloitte EMEA Technology Fast 500” Award and achieved position #93 in this competition.

Another award followed in early 2018: RadarServices was elected as finalist for the international Cybersecurity Excellence Awards 2018. The jury, which consisted of renowned industry experts, evaluated the candidates with regards to their future and market potential as well as their track record and in the course of their evaluation praised RadarServices for their particularly excellent innovative strength concerning the fight against cybersecurity risks.

A new strong alliance: CYOSS acquired majority stake in RadarServices

Our newly established alliance with Munich-based CYOSS, Germany‘s specialist for data analytics, IT and OT security, allows us to form the first global player for “Cyber security made in Europe“: With locations in Europe, USA, Middle East, Asia and Australia they provide customers in 170 countries with a perfectly integrated portfolio comprising consulting, testing, detection & response and training in the field of cyber security and integrated big data services.

Strategy – technology – organisation and compliance: Companies and public authorities can now benefit from a one-stop-shop for IT security knowhow in all of these fields. The portfolio covers the entire value chain and customer references come from almost all industries. Our holistic approach, in-house developed technology and comprehensive portfolio attract the best IT security analysts worldwide and protect the values of the European economy and society.

RadarServices has thus continued its successful course since being established and is sustainably building on its strong growth of recent years. The entire team, the products and services on offer and strategic direction of the company are kept just as our customers know and are used to. The previous majority shareholders and founders of RadarServices continue to be responsible for the successful development of RadarServices.

The current threat landscape – an update from the SOC

The experts in Europe’s largest Cyber Security Centre keep an eye on what is happening all over the world every day. Looking back at Q1 2018, they report of increasingly complex and serious attacks.

The Meltdown and Spectre processor security flaws, which became known in January 2018, have shown that there can be weak points both in software and hardware. Although they are very hard to exploit, the fact that they exist is alarming given the relatively long life cycle of hardware.

On the other hand, a new record for DDoS attacks was set. In order to target a host, software was used that should not be accessible without access protection directly over the Internet. With this memcached attacks peaks of up to 1.7 TBps were achieved.

Cryptocurrency miners on web pages are increasingly growing in numbers. It is happening more and more that a cryptominer is started through an advertisement without the visitors noticing it. Although this does not cause any damage, it unnecessarily consumes power and puts a strain on the CPU.

Finally, attacks designed to do targeted damage are a growing problem. Example: the attack on the Olympic Games. The effects of such attacks, combined with the fact that the actual attackers are often very difficult to identify, may have profound political consequences. Thus, the scale of the “cyberwar on the Internet” is growing in size.

The late announcement of attacks can have immediately noticeable negative consequences for individuals. Example case: the attack on Uber, which the company only made public one year later. Until then, the attackers were able to use the captured data without any hindrance. It is against this background that the requirements of the EU General Data Protection Regulation (EU-GDPR) coming into force in May 2018 are to be seen, which stipulate an obligation to report serious incidents within 72 hours, but at the same time are very challenging for the underlying processes in organisations under attack.

Special Task Force im Security Operations Center (SOC): A hacker’s data collection found online: 21 million email addresses and passwords affected – RadarServices set up an ad hoc information service for affected businesses

The IT security analysts of RadarServices, Europe‘s largest Cyber Defence Centre, found a collection of 21 million leaked login data publicly available on the internet. The data includes email addresses and passwords as well as websites, on which the login data was used. End of January 2018 it was found online on the website www.pxahb.xyz. The website is offline now.

Companies and public institutions that are customers of RadarServices and whose domains were found under the email addresses were immediately informed and were thus able to ensure that the affected employees changed their work and private passwords immediately. The “ad hoc service” has, in addition to RadarServices’ regular service portfolio, been well received by customers and their employees. RadarServices is currently developing a corresponding offer in light of the demand for a permanent information service.

Technology News

Research & Development is constantly expanding the feature set of the Radar Technology Stack. Extending detection module capabilities, refining rule-based and behaviour-based detection, adding new normalisation methods, automating SOC processes and operations are just some of the many efforts to enable state-of-the-art security detection and response.

In the field of entity behaviour analysis, reference can be made here to an implemented approach for assessing the behaviour of individual entities based on group affiliation. Stable group affiliations show that there are no abnormalities in the groups of clients, database servers, email servers, etc. If a client were suddenly to show signs of behaving like an email server, a warning would be issued, as malware which sends emails may have been installed on the system. Furthermore, the models make it possible to learn from the fluctuating behaviour of entities, deriving temporal structures and thus defining a new base state.

Similar algorithms are also used for user behaviour, which function according to the principle of detecting “outliers”. This helps to minimise the dangers of insider threats.

Markets & Projects

New publicly available customer references for RadarServices: Airport Salzburg and Salzburg State

Salzburg Airport is the second largest international airport in Austria. It serves Salzburg, the fourth-largest Austrian city, as well as a gateway to Austria’s numerous and vast ski areas, including the Ski Amadé region, the largest network of linked ski resorts in Europe.

IT security is a key priority for the Airport Salzburg. RadarServices is delivering its continuous IT security monitoring and vulnerability management and assessment services to the organization. Read the customer reference

According to the Austrian Federal and National Constitution, the State of Salzburg is a regional authority, funding or providing numerous services for its citizens in the Austrian Federal State of Salzburg. Landesinformatik Salzburg (Salzburg State IT) is the local government office responsible for government IT in this context.

The State of Salzburg has trusted RadarServices for IT risk management for a number of years: The technology in use includes security information & event management (SIEM), network-based intrusion detection (NIDS) and vulnerability management & assessment (VAS). The services of the RadarServices analysts are based on these modules and on both the correlation and cross-correlation of their findings. They assess the findings of automated risk detection and prioritise them for further processing by the staff of Salzburg State IT. Read the customer reference

Meet our experts

Our experts are available for you – meet them at conferences and exhibitions or talk to them in webinars online.

A special highlight in the coming months: RadarServices invites you to the event series “Diamonds are a Hacker’s best friend”. It’s about precious diamonds, on the one hand, and “corporate diamonds”, namely, business secrets, patents, customer data, source code, and other similar things. Together with investigators of the world’s largest diamond robbery cases, we have analysed many cases of (corporate) diamond robbery – and found striking parallels in attacker profiles, preparation phases and attack strategies. See real-life events from a previously unknown perspective and take many unique insights into your IT security strategy. Amongst other cities we are in Zurich on 15.5 and in Munich on 19.6.2018.

April 2018

18.04.2018, Vienna: Cybersecurity World Tour – the tour through our headquarters in Vienna.
Register here: https://www.radarservices.com/events/cybersecurity-world-tour/

18.04.2018, Hamburg: SH4U verNETzt – IT-Sicherheit aus Sicht der DSGVO
More info: https://www.sh4u.de/

23.-27.04.2018, Hannover: Hannovermesse
Get your free ticket here and visit us at booth C16 in Hall 6.

May 2018

09.05.2018, Wiesbaden: Cybersicherheits-Gipfel Hessen 2018
The conference for authorities: https://innen.hessen.de/

15.05.2018, Zurich: Diamonds are a Hacker’s best friend. RadarServices‘ exclusive journey into the world of diamonds and corporate diamonds.
Get more info: Diamonds are a Hacker’s best friend

24.05.2018, Vienna: Cybersecurity World TOUR – the tour through our headquarters in Vienna.
Register here: https://www.radarservices.com/events/cybersecurity-world-tour/

June 2018

05.-07.06.2018, London: infosecurity 2018
Get more info: http://www.infosecurityeurope.com/

11.06.2018, Zurich: ISSS Zürcher Tagung 2018
Get more info: https://www.isss.ch/veranstaltungen/2018/zuercher-tagung/

19.06.2018, Munich: Diamonds are a Hacker’s best friend. RadarServices‘ exclusive journey into the world of diamonds and corporate diamonds.
Get more info: Diamonds are a Hacker’s best friend

20.06.2018 Vienna: Cybersecurity World TOUR – the tour through our headquarters in Vienna.
Register here: https://www.radarservices.com/events/cybersecurity-world-tour/

Save-the-date Q3 2018

09.-11.10.2018, Nuremberg: it-sa 2018, the largest IT security exhibition for the DACH region
Get more info: https://www.it-sa.de/

Review Q1 2018: a glimpse on our major event participations

RadarServices panelist at the Munich Cyber Security Conference 2018

The cybersecurity part of the Munich Security Conference 2018 took part at Hotel Bayerischer Hof in February 2018. Harald Reisinger took part in the panel discussion on innovation and artificial intelligence. In his view the future of cybersecurity will be headed by experts, not by machines only.

RadarServices exhibited at the GPEC 2018 in Frankfurt – the conference for procurements in the field of internal, public and homeland security

7,442 visitors from 63 countries participated in the conference under the patronage of the Prime Minister of Hessen Volker Bouffier.

Successful launch of cooperation between RadarServices, FL1 and Genesis in Switzerland

RadarServices, FL1 and Genesis hosted the AfterWork event in March so as to present their joint IT security monitoring offer live before invited guests for the first time, and to provide insights into the work of Europe’s largest security operations centre (SOC). In addition to the speakers of the three companies, a presentation was also given by the security officer of Leonteq AG, a leading global B2B financial technology provider headquartered in Zurich and nine other locations in Europe and Asia. Leonteq AG is a customer of RadarServices and presented the cooperation in the context of the Managed Services being used. The first joint event of RadarServices, FL1 and the Zurich-based distribution partner Genesis was very well attended; feedback from the visitors was very positive and showed how up-to-date and in demand the offer of the Swiss partner is.

Technology Webinars

Security Information & Event Management (SIEM)

Central to a SIEM is the collection and analysis of logs from various sources within a network (e.g. server, clients, network devices, firewalls, applications) for security-relevant information and events.

Though what’s really relevant to your IT security out of millions of events?

  • 5 basic rules for the purposeful deployment
  • 5 best practices for higher effectiveness and efficiency

Tuesday, April 10, 2018 at 10 a.m. (german) and 11 a.m. (english)

Register here

Network-based Intrusion Detection (NIDS)

Network traffic from and to the Internet is analysed in real-time in order to detect suspicious patterns and anomalies such as malware, command and control server, bots, spyware, drive by sources, DDoS targets and sources and others.

Continuous network scanning for your security.

  • 5 basic rules for the purposeful deployment
  • 5 best practices for higher effectiveness and efficiency

Tuesday, May 8, 2018 at 10 a.m. (german) and 11 a.m. (english)

Register here

Vulnerability Management & Assessment (VAS)

VAS includes continuous and highly accurate internal and external vulnerability scans for a 360-degree view. Besides fast and efficient authenticated or non-authenticated vulnerability scans, open ports, the use of potential unsecure or unnecessary services on these ports as well as shares and non-secure shares are detected.

Detect the weak spots in your IT infrastructure!

  • 5 basic rules for the purposeful deployment
  • 5 best practices for higher effectiveness and efficiency

Tuesday, April 17, 2018 at 10 a.m. (german) and 11 a.m. (english)

Register here

Our Team

Security Analyst to become United Nations Refugee Representative (UNHCR)

The employees of RadarServices come from 18 nations. Back in the previous year, we reported on the special commitment of our security analyst Asif Safdary. The now 24-year-old was appointed Special Representative on Youth and Security of the OSCE at the beginning of 2017 and held this function for more than a year in addition to his work at RadarServices. Now he has been awarded a new, international mandate: Asif Safdary has been appointed to the newly established Global Youth Advisory Council (GYAC) of the UN Refugee Agency (UNHCR). Filippo Grandi, the United Nations High Commissioner for Refugees, set up a panel of 15 young representatives from Australia, Costa Rica, Ecuador, Germany, Kenya, Morocco, Austria, Pakistan, Switzerland, Zimbabwe, Uganda and the United States.

The activities of the young UNHCR representatives focus on working with the United Nations and its partners to operationalise and institutionalise key issues affecting young refugees worldwide. In addition, the body advises on refugee protection and development issues, and represents their perspectives at national, regional and global levels.

Asif Safdary fled Afghanistan ten years ago and came to Austria separately from his family. Since then, he has been involved in political and social matters: he is chairman of the board of the Association of Afghan Students and promotes networking, support and integration in this milieu. As the integration ambassador of the Austrian Integration Fund, he gives talks at schools, tells the story of his own integration and thereby serves as a model for young people. He also occupies a board function at the START Alumni Association. START is a scholarship programme that helps dedicated teens graduate from upper secondary school and obtain university entrance qualification.

RadarServices CFO & CSO Christian Polster congratulated Asif Safdary on his international mandate for the United Nations: “Asif has our full respect for what he has achieved. His continuous and sustained contribution to the ‘real’ and the virtual world gives us all the courage and motivation that each of us can do a great deal to actively shape the society in which our children will live.”

In the media

A vast number of newspapers and journals reported on RadarServices. The interviews and stories included for instance German TV station online via n-tv.de „Hack von Regierungsnetz – Die IT-Schwachstelle ist der Mensch“ and German newspaper Die Zeit (article „Klick! Mich! An!“).

Please find the overview of the media coverage here.

We use cookies and trackers to optimize your user experience on this website. More information. I do not agree. (limited functionality)

Die Cookie-Einstellungen auf dieser Website sind auf "Cookies zulassen" eingestellt, um das beste Surferlebnis zu ermöglichen. Wenn du diese Website ohne Änderung der Cookie-Einstellungen verwendest oder auf "Akzeptieren" klickst, erklärst du sich damit einverstanden.