What YOU have to do to stay safe

Let's start from the beginning of your adventure as DevOps. Could you tell us more about how it happened?

It is a quite simple story. I was a programmer in Leon and there, one day came up with the opportunity to retrain to DevOps. I've always been close to configuring and operating systems. I installed my first operating system at the age of 10 ;). I was also interested in development environments, as well as task automation in the broadest sense. As you can see, I started very early and after my studies at Politechnika Warszawska and WIT university, my career turned off speed.

So what was your path?

After eight years of working in the real estate industry, I decided it was high time for a change. It just happened that Leon was looking for programmers. I managed to get through the recruitment process and more or less that's it.

One of your responsibilities as DevOps is cyber security. Are these issues important to the company?

They are very important. The company holds a lot of customer data including a lot of sensitive ones. For this reason, we make sure that the encryption level is very high, for the data and the traffic as well. We are also obliged to take care of security through various certifications and audits. So we need to maintain a high-security level, but we also want to do it, just to keep our customers safe.

Is the aviation industry somehow particularly vulnerable to attacks?

It's rather similar to others. We are handling ransomware encrypting data on computers, phishing attempts for logins/passwords, and bot attacks on systems accessible via the internet. However, I can imagine a larger-scale attack on central aviation systems, for example paralysing air traffic throughout Europe. There would probably be hacker groups/countries that would benefit from such a scenario, but I hope it won't happen.

Is there such a thing as a fully secure corporate system?

It does not exist. The complexity of IT systems and their dependencies is so great that it is difficult to foresee all risks. In addition, there is also a human weakness that could be maybe the biggest vulnerability of all. So safety it's not a matter of securing the system, it's more a matter of how its users are aware of any cyber threats.

What is the most common cause of hacking?

As I said it's a human weakness. Data leaks from major IT companies in the last two years (Microsoft, Nvidia) have shown that the weakest link in security was the human being. Persuading people to give their passwords and logins (without setting up fake login pages) and simply talking to them, for example by pretending to be an employee of the company under attack from another department, is one of the easiest ways to break into someone else's infrastructure/system. This phenomenon is not new, as the world's best-known hacker Kevin Mitnick wrote about it in his book The Art of Deception.

What can the user do to avoid hostile intrusion?

Above all, it is not to be afraid to ask someone in charge of security whether the suspicious site/element or even person is real.

Furthermore, you can use MFA. It's multi-factor authentication, and there are a lot of free tools to do this, like the Google Authenticator app on your mobile. You can also use a password manager that will make it easier to keep your passwords tidy and strong and, above all, a variety of passwords. A password manager is the best way to have completely different passwords for each system, email, account etc.

Moreover, and it's maybe not so obvious, but do not use public WIFI networks without passwords - there is a risk of traffic eavesdropping on such a network.

I would recommend also using VPN connections, for personal or company traffic. A VPN provides encryption of traffic, as well as being able to mask your location, which can be useful in certain cases, for example dealing with official business from outside the country.

There is also one thing, very important, but lots of people don't see it as a security threat. Keep your software up to date - installing patches for your operating system will increase security. Using today's un-updated systems such as Windows XP or Windows 7 is asking for trouble in the long run. It is even better to look for free alternatives that have support like Ubuntu or Mint.

Remember to download software from secure sources like direct manufacturer's websites or software shops.

And, at the end of my tirade, beware of clicking on suspicious adverts about incredible profits, or increasing something... In many cases, dangerous content lurks behind such adverts. Often these are ransomware (malicious software that encrypts the disk) as well as trojans trying to steal logins to banking services. An effective antivirus comes in handy for such cases.

Do you think pen tests do anything?

Of course. Even if it is believed that a system has no security holes, without testing we cannot confirm this for sure. Pen-tests performed by qualified people can reveal many vulnerabilities that have not been thought of before. Therefore, they should be performed by an independent entity that can look at an IT system in a completely different way than its developers. I would only add that even after pen-testing there is never a 100% guarantee that everything is fully secure. Certainly, it's safer, but as I mentioned earlier, there is no 100% secure system.