You expect from large concerns strict security measures to protect data and systems from such attacks. How is it possible that they still fall victim to ransomware attacks?
Seyfarth: I wouldn’t say that these companies do nothing. Often measures haven been taken, but in reality, they don’t work as intended. There is a backup, but it hasn’t been tested for an emergency, isn’t complete, or has been encrypted by the ransomware. This means for the IT department: testing, questioning, documenting – this costs time, which is often not given to the department. Such a test must be wanted by the management and actively demanded.
It becomes critical in many areas where IT budget, time, and expertise are lacking. I often see this in the public sector, in the social sector but also in the healthcare sector. There is often no sufficient backup, no effective virus protection, no sensible encryption, and hardly any preventive measures. It is unbelievable that savings are made here in the wrong places.
In the public sector often people who lack IT expertise have to make decisions. They would rather build a playground than buy a server or work out a security concept. This is completely understandable from a human and political point of view, but the consequences are unacceptable. Fact is: Without an appropriate budget, without time and without expertise, a responsible person today has no chance of protecting IT infrastructure in a meaningful way.