How do operators of critical infrastructure (CRITIS) best defend themselves against cyber attacks? This important question was the focus of the KRITIS Praxis Forum on 10. and October 11 in Würzburg. The annual event organized by ausecus GmbH on Information Security Management Systems (ISMS) and IT security in critical infrastructures took place for the tenth time. SECUINFRA GmbH was there, and twice: On the first day, the two cyber defense specialists, Evgen Blohm and Marius Genheimer, together with Ramon Weil, Founder & CEO of SECUINFRA, organized a workshop on the topic of “Incident Response Processes in OT / Control Technology”. The experts vividly explained what to do when an industrial system is attacked. For this purpose, they used a concrete case study: a large-scale hacker attack on Ukraine’s energy utilities using Industroyer2 malware. On the second day, the security consultants gave a presentation on: “Extortion without Ransomware – Handling a ‘BianLian’ Security Incident”. In the process, the specialists used an anonymized incident to show how attackers from the “BianLian” group were able to penetrate a network.
Both events met with great interest, as all participants were aware that German KRITIS operators could also be affected at any time. No wonder, then, that many representatives of municipal companies, water and energy suppliers, and public transport operators came to the events. They all face the major challenge of having to be prepared for cyber attacks. This is the only way to identify incidents at an early stage and take appropriate countermeasures. In addition, according to the IT Security Act, CRITIS companies must comply with stringent requirements – which was also addressed in various panels. In addition to SECUINFRA, many other experts were represented at the KRITIS Praxis Forum, including from the Federal Office for Information Security (BSI), the Federal Network Agency (BNetzA) and the Federal Criminal Police Office (BKA). Evgen Blohm sees this as a major advantage of the event: “KRITIS operators were able to obtain comprehensive information here and exchange ideas with each other, which was very important.” His colleague, Marius Genheimer, adds: “This year’s KRITIS Praxis Forum was a complete success. I think we were able to give some companies valuable suggestions as a result.” CEO Ramon Weil also draws a positive conclusion from this year’s event: “This format is very important for everyone from the critical infrastructure sector to get up to date. In addition, it gives specialized security service providers like us the opportunity to present our MDR (Managed Detection & Response) service for KRITIS companies, which is a very reliable solution, for example in combination with “KRITIS Defender” from Ausecus.”
