ARICOMA Group acquires the IT company KOMIXhttps://aec.cz/en/news/Pages/aricoma-group-acquires-the-it-company-komix.aspxARICOMA Group acquires the IT company KOMIX<p> <strong style="color:#6773b6;">?Another major player in the domestic information technology market will become part of the ARICOMA Group, which belongs to entrepreneur Karel Komárek’s investment group KKCG. Today, the owners of KOMIX and representatives of the ARICOMA Group signed an agreement on the sale of a 100% share in the company. The transaction is still subject to approval by the Office for the Protection of Competition (ÚHOS).</strong></p><p>For almost thirty years, KOMIX has been developing bespoke software for e-government, health insurance companies and major companies such as Škoda Auto, Nestlé or Porsche Czech Republic. In the past, KOMIX has taken part in projects such as electronic sick notes, biometric travel documents and an information system for the population register. KOMIX’s revenues rank it among the top 10 suppliers on the Czech market as concerns developing customised software. This year’s sales are predicted to reach more than half a billion crowns. KOMIX employs just under 300 people, above all developers.</p><p>“It is a great honour for me that we are to be part of the ARICOMA group and that we will play an active role in accomplishing its vision to build an ICT leader of European importance,” said Tomáš Rutrle, KOMIX’s director and current co-owner. “Thanks to this merger, we will be able to offer our current customers a much wider portfolio of services, whilst at the same time we will work with other companies in the group to reach out to new customers in the Czech Republic and abroad. We bring decades of experience to the ARICOMA Group, this includes large-scale projects, a passion for IT technologies and a proven ability to finish the job to a satisfactory conclusion for all. We firmly believe that we are at the start of an amazing story of digital transformation, one that is growing from its roots in the Czech Republic, and we want to be a fully-fledged part of it,” added Rutrle.</p><p>After acquiring the international company Seavus at the end of last year, ARICOMA Group is continuing in its acquisition campaign. Its goal is to build a strong European player in the field of ICT and SW solutions. According to Michal Tománek, KKCG’s Investment Director, who is responsible for all IT acquisitions, KOMIX’s entry is another hugely important step in this direction. “We have managed to acquire a company that is a perfect fit for ARICOMA’s current portfolio of businesses. Their expertise, products and customer base will ideally complement what we already have at this moment in time. What’s more, in the future, we will be able to offer this mix of services not only to the domestic market, but increasingly to foreign markets too,” said Michal Tománek.</p><p>According to Milan Sameš, the ARICOMA Group’s CEO, this further expansion of the group is a continuation of the strategy it set out four years ago. “The current developments in the company, which have been fundamentally affected by the Covid-19 pandemic, show us that we have set off in the right direction and that our assumptions about developments in the market were correct. Customers are trying to accelerate the digital transformation as much as possible, and this brings new opportunities for the entire field of information technology,” said Sameš.</p><p>ARICOMA Group buys a 100% stake in KOMIX for a non-disclosed price. The entire transaction is financed from a bank loan and from the buyer’s own resources.</p><p>The company’s management, including its director Tomáš Rutrle, will continue to play a role in managing KOMIX. KOMIX will act independently until the transaction is approved by the ÚHOS. Once the deal goes through, the ARICOMA Group will comprise of 8 companies with a consolidated turnover exceeding CZK 8.5 billion, and an EBITDA (earnings before interest, taxes, depreciation, and amortization) of almost CZK 900 million. It employs over 3,000 people.<br><br></p><p> <img src="/cz/PublishingImages/news/loga/komix-logo-25px.jpg" data-themekey="#" alt="" style="margin:5px;" /> <br>The company was established in 1992 and since its inception it has been offering software services to clients in the public and private spheres. This primarily concerns solutions for eGovernment and eHealth, where it helps the Czech state administration accelerate development so that these solutions are as user-friendly as possible for citizens. KOMIX is also a major supplier for car makers, namely Škoda Auto. In this segment, KOMIX is basing its steps on the current situation where the car industry is going through a fundamental transformation and mutually reinforcing trends, which include autonomous driving, shared mobility, online connectivity and electrification. Software solutions have thus become the main source of the customer’s perception of the car’s value, innovation and appeal. KOMIX also offers products focused on digital transformation, such as automated decision-making, business intelligence or robotic process automation. The company manages the comprehensive development of all layers in sophisticated information systems – front end, back end, database, mobile applications, integration buses. The most common technologies it uses for development are JAVA and Microsoft.NET. In February 2021, KOMIX opened a branch in Switzerland, where it acquired a new client, Nestlé, one of the largest food concerns in the world.</p><p> </p><p> <img src="/cz/PublishingImages/news/loga/aricoma-group-purple-50px.jpg" data-themekey="#" alt="" style="margin:5px;" /> <br>The largest Czech ICT holding company, its members are AUTOCONT, Cleverlance, DataSpring, AEC, Cloud4com, Internet Projekt and Seavus. The companies from the ARICOMA Group cover its entire portfolio of business services, starting with the design of ICT architecture and going on to infrastructure and cloud services, implementing business applications up to developing their own large-scale software solutions and outsourcing. Its total revenues for 2020 exceeded CZK 8bn.</p><p> </p><p> <img src="/cz/PublishingImages/news/loga/KKCG-logo-35px.jpg" data-themekey="#" alt="" style="margin:5px;" /> <br>The KKCG Group, managed by Karel Komárek, one of the most successful Czech entrepreneurs, is an international investment company with a total book value of more than €6bn. The KKCG Group develops its business activities in twenty-two countries around the world and its key fields include the gaming industry, the energy industry, IT technologies and real estate. It holds shares in many domestic and international companies, including SAZKA Group, ARICOMA Group, MND Group, KKCG Real Estate, US Methanol, the capital fund Springtide Ventures and others. KKCG also invests in the American fund Jazz Venture Partners, based in Silicon Valley, which focuses, for instance, on investments in technologies for improving human performance (neuroscience).</p>
A pentad of our colleagues succeeded in the international CtF competition organized by partners from Tenablehttps://aec.cz/en/news/Pages/a-pentad-of-our-colleagues-succeeded-in-the-international-ctf-competition-organized-by-partners-from-tenable.aspxA pentad of our colleagues succeeded in the international CtF competition organized by partners from Tenable<p> <strong style="color:#6773b6;"><span style="color:#6773b6;">The team of our colleagues, consisting of David Pecl, Lukáš Bendík, Erik Šabík, Vojtěch Šindler and Tomáš Hliboký, did well in the worldwide Capture the Flag competition. This year was the first time it was organized by one of our leading partners, the American company Tenable.</span></strong></p><p>The international Capture the Flag competition had a total of 1,762 participants and it was all under the direction of Tenable, a provider of top solutions for vulnerability monitoring. With such strong competition, the AEC representatives did amazingly well and finished in <a href="https://tenable.ctfd.io/scoreboard" target="_blank">21st place</a>.</p><p>Any one from all over the world could take part in the tournament, which was held from 18 to 22 February 2021. Participants could form teams of up to five people and solved their tasks either individually or together. AEC’s colours were defended by five representatives taken from the divisions for Technology, Penetration Tests and the Cyber Defence Centre.</p><p>The five-day competition itself consisted of ongoing task solving in <a href="https://ctftime.org/event/1266/tasks/" target="_blank">traditional categories</a>, such as web applications, reverse engineering, cryptology, coding, working with information (OSINT), forensic analysis, regular expressions and a whole host of others.</p><p>“We did best in cryptography, web applications and coding. Mainly because it is the bread and butter for pentesters,” said Erik Šabík, adding, “But we certainly didn’t fall behind in other tasks either, the problem was more to do with time. We solved it by agreeing that whoever had the time would open the page with the tasks and try and solve what they could. Sometimes we called each other, and we also brainstormed...”</p><p>Here it’s necessary to point out that, unlike many other teams, our busy colleagues could only get down to the competition tasks after they’d finished their professional duties, so they had significantly less time to solve them than the others.</p><p>However, this makes their success all the more valuable and our congratulations all the greater. Thanks to their position, they have now joined the elite ranks who can wow those around them with their exclusive T-shirts that the competition organizer reserved for the best of the best. &#128522;</p><p>CTF-related activities are nothing new to AEC. Apart from the fact that we often take part in such competitions, quite successfully it must be said, we regularly organize a similar event ourselves. One of the most popular things at our annual <a href="https://konferencesecurity.cz/">Security conference</a>, the largest independent event of its kind in the Czech Republic, is the hacker competition.<br></p>
Vulnerabilities in Microsoft Exchange Server have a serious impact. Simple patching is not enoughhttps://aec.cz/en/news/Pages/vulnerabilities-in-microsoft-exchange-server-have-a-serious-impact-simple-patching-is-not-enough.aspxVulnerabilities in Microsoft Exchange Server have a serious impact. Simple patching is not enough<h3>Unauthorized access to e-mail. Potential dangers of malicious code installation, data theft and misuse thereof with social engineering methods. Local companies and institutions are in serious danger connected to the massive attacks on systems using Microsoft Exchange Server. The latest large-scale incident revealed the fact that simple updating is not sufficient for the protection of the company's system.</h3><p> <br>The attack targeting one of the most common Microsoft software products used for e-mail exchange and resource sharing was most likely launched as early as the end of 2020. In the following months, before its discovery in March, hackers have silently attacked tens of thousands of servers around the globe. The Czech Republic and Slovakia did not escape these attacks either, as there were thousands of vulnerable servers in both countries. </p><p>A compromised e-mail server can serve the attackers as a springboard for attacking other systems in the organization, as well as those of its business partners, suppliers, or customers. Although updates are underway at present aiming at fixing the vulnerabilities, it cannot be ruled out that the hackers have created backdoors in the infected systems with an intention to use them for more future attacks.</p><p>As the experience of experts from the AEC company providing cyber protection to enterprises and institutions shows, attackers who have gained access to sensitive information will definitely try to effectively monetize the stolen data or misuse it for further attacks with social engineering methods.</p><p>Despite the timely installation of patches, no company can be sure that a number of confidential information such as contacts, addresses, employee names, invoices or contracts has not escaped from their systems together with the stolen e-mails. And this is also one of the reasons why cyber security experts continue to recommend the highest level of caution to be applied.</p><p>“If we cannot be sure whether the system was compromised or not, we have to assume that it was compromised,” comments Maroš Barabas, Head of Product Management in AEC and he adds: “Be prepared that attacks can be targeted not only at you, but also at all your partners, suppliers, or customers you are interacting with and that your confidential information and data can be misused to achieve it.” </p><p>The key issue with this type of compromise lies in the fact that the attacker knows perfectly well how the attacked company communicates with its surroundings due to possessing the stolen information. This allows him to follow with the communication in a proper manner and at the right time. For example with a fake e-mail written in a format identical to the correspondence which the infected company would normally exchange with its business partner, including the history of conversation.</p><p>However, there may be one tiny difference – for example in addition to the standard message attributes and the usual business information, the e-mail may also contain a little note: we are sending the requested invoice; however, we would like to notify you of a change in the account number. There is no way this e-mail can be recognized as a scam. The only way the company can be certain that it will not loose its money would be a proper check of such message by its duly informed employee. </p><p>“In this case, we recommend checking this information directly with the supplier by phone. But be sure not to call the number listed on the suspicious invoice, because the person on the other end of the line could easily be the attacker himself. Call only known numbers. And send the money only to accounts verified by a process not relying on e-mail communication,” says Maroš Barabas. He also said that companies can face these and similar practices by utilizing security awareness services. These include comprehensive employee trainings provided with the latest technologies and procedures, including testing. A specially trained worker could be exactly the decisive factor for ensuring the company’s cyber security.<br></p><p style="text-align:center;"> <img class="maxWidthImage" src="/cz/PublishingImages/news/2021/aec-security-awareness-graphics-2-eng.jpg" data-themekey="#" alt="" style="margin:5px;width:650px;" /> </p><p>Please see our website <a href="https://socialing.cz/en">https://socialing.cz/en</a> for more information.<br></p>