Not much good news at Potsdam cyber security conference
What is the state of cybersecurity in Germany? Representatives from state, companies, academia and civil society spent two days discussing the issue in Potsdam.
Fine weather, gloomy prospects: There was little uplifting news at the Potsdam cyber security conference.
(Image: Hasso-Plattner-Institut)
The discussions at the Potsdam Conference on National Cyber Security attempted to cover the entire spectrum of the buzzword: What to do about disinformation? Is cloudification a blessing or a curse? And can AI destroy cyber security – or save it? Even the experts gathered at the Hasso Plattner Institute (HPI) were hardly able to find definitive answers to such questions. However, the security organizations in particular provided insights into their perceptions.
This is primarily characterized by the threat posed by Russia. Germany and Russia are not at war, but still at peace, but: "It is a different peace than in 2022," said Major General JĂĽrgen Setzer, Deputy Inspector for the Cyber and Information Space (CIR) branch of the Bundeswehr, describing his view. For him, it goes without saying that this must be accompanied by a significant strengthening of the Bundeswehr's own capabilities at all levels. The Bundeswehr is also well-positioned in terms of its "ability to win" on the "CIR battlefield", although there is still some catching up to do in terms of electromagnetic means. In view of the Russian measures against Western states, however, it is clear to him: "There is no separation between internal and external security in the case of hybrid threats."
Videos by heise
Russia will remain the main threat
The Vice President of the Federal Office for the Protection of the Constitution, Sinan Selen ("We see a high willingness to take risks, even personal injury is accepted here") and the President of the Federal Office for Information Security, Claudia Plattner ("the situation is and remains tense and that is and remains worrying") also described the situation as anything but peaceful.
The fact that Russia in particular is currently the most dangerous perpetrator of attacks on digital endpoints is something that neither security authorities nor representatives from science, industry or civil society at HPI expressed any doubt about. And this is unlikely to change any time soon, according to BfV Vice President Selen: "We assume that Russia's attacks against NATO and the EU will continue even after a ceasefire." The security authorities suspect that cyber attacks often serve two purposes at the same time. "If things go really badly, there are only two clicks between espionage and sabotage," said Plattner in Potsdam.
Shiny glitter or lack of basic protection?
However, opinions at the conference differed considerably as to what would help in the current situation. The head of the Central Office for Information Technology in the Security Sector (ZITiS), Wilfried Karl, considers the cloud to be part of the solution to IT security problems under certain conditions, such as sovereign operation. Manuel Atug from the Kritis working group, on the other hand, stated that in most cases it was not about "shiny glitter" solutions at all. Instead, very basic things continue to cause the biggest problems: "Everyone wants recovery, nobody wants backup," said Atug.
Extended surveillance powers for security authorities are of little help here. The fact that the operators of critical infrastructures are now obliged by law to take protective measures is something they have only themselves to blame. This is because cyber security incidents with high costs – the Bitkom association calculates that hundreds of billions of euros in damage are caused every year – have a clear reason: "All these costs have arisen because self-regulation has failed." Christoph Bausewein from Crowdstrike took a different view, describing inadequate, incomplete and contradictory legal requirements as problematic in some cases.
However, the panellists at the two-day conference agreed that physical and cyber security need to be considered more closely together – Ultimately, it's all about resilience. And this has different facets, from digital sovereignty to the assessment of information and targeted disinformation among the population.
Disinformation remains complicated
The latter, if it comes from abroad, is also the responsibility of the Federal Intelligence Service. There is definitely an influence, explained Sven Meyer-Ottens, Director of the "Innovative Technologies Forum" at the BND. Outrage strategies are used to undermine trust in government action, for example when it comes to migration or refugees, but also when infrastructure deficiencies are generalized according to the motto "Nothing works here anymore". This is intended to undermine trust in democracy.
(Image:Â Hasso-Plattner-Institut)
Military historian Sönke Neitzel reproached the BND representative, saying that he had heard "countless presentations by BND people, but it always remains abstract". Neitzel called for politicians, who are responsible for the services, to provide the public with more concrete information. Those responsible are good at openly communicating the threat situation in small circles, but bad at informing the Germans as a whole. Admittedly, there is a fine line between scaremongering and clarification. It is also important to avoid lumping together justified criticism, such as the state of the railroads, with targeted foreign disinformation.
Harmen Zell rejected the notion that platform operators are not doing enough to combat this, at least on behalf of his employer Meta: technically and organizationally, the situation is well under control. At the moment, the fact-checking approach is still being used in Europe, he reported, but other systems are being considered. Community notes, for example, have a greater effect than fact checkers, science shows, even if the idea originally came from X.
For the BND, on the other hand, content only plays a subordinate role in its work on disinformation, reported Meyer-Ottens: for the foreign intelligence service, it is primarily about recognizing the technical structures of campaigns, on which the service focuses. This prevents the service from being embarrassed into being "a kind of opinion police".
New powers and closer cooperation
One thing is clear: authorities and state organizations from the BND to the BfV, BKA and BSI to the Bundeswehr are to work even more closely together under the new government. New responsibilities also play a major role in this. The head of the Federal Criminal Police Office, Holger MĂĽnch, expressed his confidence that his agency would soon be given extended powers and would then be able to clean up infected systems of third parties in a legally secure manner in order to effectively shut down botnets, for example. However, MĂĽnch did not see this as a hackback, because: "I see it as a retaliatory measure, that's not what we do. We are the police: we do security."
And he also had good news, Münch announced: where action is taken, for example in the fight against ransomware, measures are also effective –, as shown by the BKA's figures on the cybercrime situation, which are due to be published in a few days' time.
(wpl)
