Germany is currently witnessing a significant surge in cyber threats, with the peril of ransomware attacks soaring exceptionally high, according to the latest report from the Federal Office for Information Security (BSI). The report delineates the state of digital and electronic security in the country from June 2022 to June 2023, labeling the threat level as the “highest ever.” On average, 332,000 new variants of malicious software were created daily during this period. Moreover, the victim count of German individuals, whose stolen data and names were published on illegal websites, reached a record level in the second quarter, with 65 individuals affected.
German Interior Minister Nancy Faeser stated, “The BSI report on cybersecurity in Germany in 2023 shows that the state of electronic threats remains a source of concern.” According to the report, ransomware continues to be the predominant cyber threat, with identity theft on the rise and governmental institutions experiencing an uptick in advanced persistent threats (APT). These prolonged, directed espionage or sabotage attacks aim to steal or manipulate information.
As hackers target easier prey, small to medium-sized enterprises (SMEs) and local governments are particularly susceptible to cyber-attacks. Notably, the renowned “Mittelstand” SMEs, representing about 80% of the country’s economy, face significant risks. The report spotlighted another trend where attacks on supply chains do not directly target companies, but malware, like viruses, are deployed in the targeted company’s information system through external service providers. Consequently, a large number of victims can be attacked simultaneously.
Technological advancement also presents a challenge. Alongside the progress in artificial intelligence, which led to a qualitative improvement in deepfake (fake audio or video recordings) and phishing attacks, threats likely to be spawned by progress in quantum technology also pose a substantial challenge. The report pointed to a 24% increase in the number of discovered software vulnerabilities, often the “first breach exploited by internet criminals.” Of the 70 new flaws discovered on average every day, one in two is classified as critical.
Moreover, Cybercrime as a Service (referring to Software as a Service or SaaS) also poses a security risk. As professionalism in cybercrime and the growth of a shadow economy stemming from cybercrime increases, cyber-attacks are increasingly turning into a service offered to customers, where intruders obtain professional tools online, the report noted.
During the report’s covered period, the office also witnessed a rise in denial-of-service attacks orchestrated by internet criminals sympathetic to Russia. These attacks aim to saturate a network with requests to prevent it from operating. The German government seeks to empower the Federal Office further to address this trend by allowing it to play a central role in relations between the federal state and the sixteen federal states (states).
Germany should see itself as a digital nation and act accordingly. For BSI, establishing a central national office responsible for cybersecurity is essential in this context, if only to create a unified national mapping of the situation, as stated by Claudia Plattner, the head of BSI. The Federal Office should work on enabling a more coordinated response to cyber-attacks against critical infrastructure.
BSI also relies on the effectiveness of European Union legislation to improve the electronic resilience of EU member states. For instance, member states have until October 2024 to implement the revised Network and Information Security Directive (NIS2), a new regulation that subjects cloud services to the same stringent security obligations as operators of critical infrastructure. Additionally, European Union institutions are currently negotiating the Electronic Resilience Act, aiming to introduce cybersecurity requirements at the EU level and make providers more accountable. This law is part of the collective effort to fortify cyber resilience and ensure that the digital domain remains secure against escalating cyber threats.
