Is Germany's IT Branch Defenseless?

It is rapidly becoming a regular feature in the nightly news: computer hackers shut down entire systems from some of the world's biggest and most influential organizations. The damage inflicted is immense in terms of lost work and profits. At times, though, the destruction goes behind the mere economics and affects the nation's very security.

Just a week ago a fast-moving global computer worm attacked computer networks relying on Microsoft operating systems. Worst hit was the United States where offices on Capitol Hill as well as major media organizations were knocked out for hours. The worm, which is believed to be a variant of the Zotob virus, also made it to Germany. Although its damage on this side of the Atlantic was considerably less, it served as another reminder to IT experts and political leaders how vulnerable the country's computers are to attacks.

Within just the last year, computer experts have witnessed an incredibly high jump in the number of virus attacks in Germany, many of which go unnoticed by the normal public. The economic toll of these onslaughts, however, cannot be underestimated, say industry security advisors. Billions of euros are lost every year due to a failure to ward off the attacks, many of which could be prevented.

The country must do more to strengthen its line of IT defense, the industry has said time and again. Now in response to the growing threat, Interior Minister Otto Schily has announced a national plan to raise the country's risk awareness in the hopes that individuals and companies will take security more seriously.

Increasing awareness

"Despite the fact that more and more Germans actively use technology such as personal computers, laptops or PDAs and have become increasingly dependent on theses gadgets, only a small proportion care about security issues to the extent they should," Schily told the media in Berlin last Thursday.

"IT security more often than not only becomes a priority after some major damage has already occurred," he added, saying the situation applied to both private users and companies.

Under Schily's plan, Germany's Federal Office for IT Security will receive more personnel and financial resources to improve its ability to detect security loopholes and suggest remedies. The office will also serve as a platform for a national IT security crisis center to be built up over the next few years. The center would be responsible for coordinating measures against planned large-scale attacks on the nation's IT infrastructure.

Preventing terrorist attacks

Schily specifically pinpointed a need to increase efforts to ward off or deal with major attacks on the energy, transport and banking sectors. "I'm not saying that we have any specific indications right now that terrorist groupings are already planning such attacks in Germany. But if such attacks hit us unaware, they would no doubt cause major damage and would have repercussions beyond our national borders," Schily told reporters.

The federal office's director Udo Helmbrecht said that while terrorist attacks could not be entirely ruled out, most of his organization's efforts at the moment were going into campaigns to raise public awareness to help users cope with the security pitfalls of modern computer systems.

"Our office is currently working out comprehensive guidelines for the safe use of wireless networking and voice-over-IP telephony as well as instructions on how to fight spam mails," Helmbrecht said. The information will be accessible to all citizens and companies for free.