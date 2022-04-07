TÜV Rheinland: Digital risk highlights the need for efficient security tools such as penetration tests

LITTLETON, Mass., April 7, 2022 /PRNewswire/ -- A little over a month after the beginning of the war between Russia and Ukraine, the two countries are living what is being referred to as a "Cyber Cold War" with attacks on government sites and threats to infrastructure. A huge and significant attack happened right at the beginning of the invasion on February 24, when a Ukrainian satellites, which coordinates more than 5,800 wind power turbines, was digitally disconnected. While this did not disrupt the power generation operation of the turbines, it did prevent management of the system. Since then, most of the turbines have continued to run automatically, and management capability has been restored to over 90% of the systems. Recently a Telecom company in Ukraine was hit with a large cyberattack causing all the company's services across the country to go down.

US President Joe Biden has already warned that US organizations should "lock their digital doors," while UK officials are calling for "increased cybersecurity precautions." This presents an enormous risk for businesses globally.

Hackers do not miss a new opportunity

"The greatest risk to business is not doing enough to secure their infrastructure to respond to this threat. Businesses must adopt Cyber Security Agility as a core business process. Cyber Security Agility is the state where a business can rapidly adapt to the constantly changing threat environment with minimal business disruption. TÜV Rheinland has the experience and knowledge to address the constant changes in threats to the online footprint of businesses and enable them to develop Cybersecurity Agility in response," stated Rosanna Pellegrino, Vice President of Cybersecurity at TÜV Rheinland.

How to ensure security and detect vulnerabilities

Using advanced tools and processes, TÜV Rheinland can assess and conduct tests to identify weaknesses of IT infrastructure (networks, systems, and applications) and then design programs to ensure the business can constantly adapt to the changing threat profile. The first step is to perform an objective assessment of the security and identify vulnerabilities before hackers find and attack through them.

There are several possible methods that can be used to identify vulnerabilities. The best option for each company depends on its existing IT infrastructure. After an initial assessment, the experts build a strategy based on each company's needs and analyze existing systems to find the most effective penetration testing method.

Penetration testing services provided by TÜV Rheinland can be applied to applications, networks and infrastructure, embedded systems, online stores, intranet, IoT devices, and more. With a holistic view of IT security, the company's experts perform tests that assess organizational vulnerabilities - procedural and human - in addition to infrastructure, such as in relation to phishing emails, now used during the war between Russia and Ukraine.

"Businesses need to maintain vigilance against the constantly changing threat environment," Pellegrino added. "Cybercriminals continue to target power grids, hospitals and financial institutions using targeted phishing attacks aimed at installing ransomware."

