Jan Wolter is one of Germany’s most prominent security experts. In the past, he has worked closely with the leading security agencies BSI, BKA, BND and BfV in the field of cyber and espionage defense to protect the German economy. Today, Wolter is an authorized representative of the DGKL Executive Committee. As part of the NACHGEFRAGT series, he answered important questions – and warns us to be vigilant in view of the current cyber threat situation.
DGKL News: Mr. Wolter, do you actually stock up on medication?
Wolter: I follow the recommendations of the Federal Office of Civil Protection and Disaster Assistance and always try to be sufficiently stocked.
DGKL News: Of course, we asked this question for a reason. In Western Canada, a number of pharmacies in the London Drug chain are still shut down after the company fell victim to a cyber attack. How do you assess the security situation within the German healthcare system when it comes to cyber attacks?
Wolter: I myself have no particular knowledge of ongoing attacks. But let’s not kid ourselves: Various countries are highly active in the field of espionage and some seem to use any means to harm Germany. Cyber attacks play a special role here. The German healthcare system is not spared in this context, and the list of threats is far from over.
DGKL News: As Managing Director of the ASW Bundesverband (ASW stands for Allianz für Sicherheit in der Wirtschaft e.V. – Alliance for Security in Business), you have spent many years advising the German economy on how to defend against cyber attacks, and counterespionage was also a key topic. The association’s partners include the BND, the BKA, the BSI and the Federal Office for the Protection of the Constitution. How do German companies and institutions react to information about existing security gaps?
Wolter: Very differently. At the time, I came across companies that took the issue very seriously and others that seemed to pay little attention to it – regardless of their size or the criticality of their industry.
DGKL News: Today you are an authorized representative of the DGKL Executive Committee, which is the only medical society for clinical chemistry and laboratory medicine in Germany. The industry is considered systemically relevant – what do you recommend to your members?
Wolter: I would advise our members to be extremely vigilant. University hospitals in particular, where research is also carried out, but also all other laboratories – especially larger ones – should urgently protect themselves at military level!
DGKL News: This shows that even in the USA, the healthcare sector is ignoring risks. UnitedHealth, for example, did not secure its servers, and the hacking attack on UnitedHealth is now regarded as the biggest disaster in US cyber history. Honestly, do you think German university hospitals or private institutions can do more than the USA in terms of cyber defense?
Wolter: I at least hope that people will become aware of the importance of cyber defense and eventually develop the willingness to provide the necessary resources. After all, laboratory medicine is indispensable for the healthcare system.
DGKL News: Nobody disputes that laboratory medicine is systemically relevant. In our view, however, it is also a German driver of innovation. Foreign intelligence services are happy about every Zoom or Webex conference, aren’t they?
Wolter: You can’t run a university hospital like a military base. Research thrives on exchange – also internationally. But there is no doubt that we need to make researchers much more aware of this and then provide them with tools that they can use to effectively protect themselves and their work. Above all, however, these tools must be functional and practicable. If my company laptop has so many security precautions that I can hardly work with it and therefore use my private computer, which is practically unprotected, then nothing is gained.
DGKL News: Is a university hospital able to do this?
Wolter: You raise an important point here. (University) hospitals – as well as private laboratories – face the same challenges as medium-sized companies. They may achieve remarkable things in their sector, but they are not necessarily experts in cyber security. Nor should their security depend on which federal state they are located in and how the security authorities there are set up. Nor can we simply increase the requirements and „throw them at the feet“ of clinics and laboratories, as currently envisaged by the NIS2 directive. We need a cyber security investment program to protect the laboratories and thus the functionality of our healthcare system. Laboratories must not be left to deal with the threat situation on their own! For me, this is part of the turnaround.
DGKL News: You have analyzed the mechanisms of digital disinformation in a remarkable paper in collaboration with Deloitte. Can you explain why this can also affect laboratory medicine?
Wolter: Disinformation has become a popular weapon. It is cheap and incredibly effective. Imagine that during the next pandemic, the reputation of leading institutes is deliberately attacked and the population no longer pays attention to the recommendations. This is not fiction.
DGKL News: A few years ago, at a presentation to representatives of the Federal Office for the Protection of the Constitution, you drew attention to another form of cyberattack that is hardly noticed in this country: the digital form of destruction of livelihoods through loss of reputation in social media. How does the deliberately placed fake on X make it onto the front page of a news magazine as the supposed truth?
Wolter: You should ask the medium in question. However, it is clear that this weapon is becoming increasingly important in the political arena. Hate and incitement sown on the Internet are being carried out on the streets when people are beaten up while putting up election posters. Why are we actually surprised that young people do this when their parents talk about how certain politicians should be „strung up“ or „put up against the wall“? Unfortunately, it is fact, not fiction, that the division of our society is being massively driven by foreign forces. It’s clear who benefits the most when we tear ourselves apart.
DGKL News: So cyber attacks are not just purely technical in nature, but much more than that?
Wolter: That depends on how you want to define cyber attacks. But it is important to understand: Firstly, the tools to carry out extensive, serious, even fully automated cyberattacks are virtually openly accessible to everyone. Virtually no prior technical knowledge is required to successfully carry out cyber attacks. Secondly, there are „Crime as a Service“ providers who carry out all kinds of attacks for money. They are also easy to reach. Thirdly, Germany is the focus of countries that want to do us massive harm, who will use any means necessary and who do not shy away from civilian victims. Fourthly, the infiltration of agents, sabotage, disinformation, the targeted spying on or blackmailing of key individuals – all this and much more, which sounds like the plot of a thriller, has long been a reality.
DGKL News: Our last question is: How do you personally protect yourself against cyber attacks?
Wolter: I would refer you to the recommendations of the German Federal Office for Information Security. However, the best protection is and remains common sense.
DGKL News: Thank you very much for the interview.
The questions were asked by DGKL news editor Vlad Georgescu
Entdecke mehr von LabNews
Melde dich für ein Abonnement an, um die neuesten Beiträge per E-Mail zu erhalten.
