cryptovision CEO Markus Hoffmeister is not surprised about the recent data thefts German politicians and other celebrities fell victim to. His demand: Strong authentication and encryption must finally prevail among private users as well.
“Have the security systems of the Bundestag failed?” many a person asks with regards to the current reports on the leaked data of various politicians. In my opinion, the answer is no, because according to the current state of knowledge, the perpetrator(s) have not leveraged any security measures of the Bundestag (especially as celebrities who have nothing to do with the Bundestag are affected, too). Like other people, however, politicians are sometimes privately on the Internet and use social media, e-mail servers or cloud services. This is obviously where hackers have come in. Via stolen passwords, poorly secured access and other gaps, they have been able to access private data. This method is not new, but it still works, because Internet users tend to be carefree. Or as Frank Rieger from the Chaos Computer Club puts it: “As you can see, some of those affected have been relatively generous with their data.”
So what is to be done? In my opinion, the providers of e-mail, social media and cloud services are in demand. They need to ensure greater protection for end users. This is not rocket science but has long been an everyday occurrence in the professional sector. Many companies and authorities are currently switching from passwords to smart cards or other smart credentials – if they haven’t already done so. Encryption is also spreading more and more in this environment. It is high time that these standards from professional information technology also become a matter of course in private life. If necessary, the legislator must intervene and force the providers to take appropriate measures.
With its solutions (sc/interface for strong authentication as well as s/mail and GreenShield for mail and file encryption) cryptovision has proven for almost two decades that these security measures can be implemented in a user-friendly and practicable way. The current data theft therefore could have been avoided.