BSI concerns about the situation of IT security in Germany

BSI concerns about the situation of IT security in Germany

Share post

With its report on the situation of IT security in Germany, the BSI - Federal Office for Information Security provides an annual comprehensive overview of the threats in cyberspace. Current: The threat in cyberspace is higher than ever before.

The cybersecurity situation in Germany remains tense. This emerges from the current report on the situation of IT security in Germany, which Federal Interior Minister Nancy Faeser and Claudia Plattner, President of the Federal Office for Information Security (BSI), presented today. The BSI management report makes it clear that ransomware attacks are currently the biggest threat. In addition, there is growing professionalization on the part of perpetrators, which is accompanied by an increasing number of security gaps.

During the reporting period, the BSI registered around 250.000 new variants of malware and 21.000 systems infected with malware every day. In addition, there are an average of 70 new security vulnerabilities per day, one in two of which are classified as high or critical. This corresponds to an increase of 24 percent compared to the previous year.

Ransomware is the most dangerous type of attack

The BSI report on the IT security situation in Germany shows that vulnerabilities in software products in particular are continuing to increase (Image: BSI).

🔎 The BSI report on the IT security situation in Germany shows that vulnerabilities in software products in particular are continuing to increase (Image: BSI).

The professionalism with which attackers operate in cyberspace is reflected in the increased division of labor and the targeted use of AI tools. In terms of the different types of attacks, ransomware attacks currently pose the greatest threat. They cause much of the economic damage caused by cyberattacks. Ransomware attacks have a lasting impact on entire value chains. Small and medium-sized companies, municipalities and municipal companies in particular are affected by the often serious consequences of these attacks.

Software vulnerabilities at worrying levels

The BSI is registering more and more vulnerabilities in software. These vulnerabilities are often a gateway for cyber criminals to compromise systems and networks. With an average of almost 70 new vulnerabilities in software products per day, the BSI registered around a quarter more than in the previous reporting period. As the number increases, so does their potential harmful effect: more and more gaps (around one in six) are classified as critical.

Data theft and cyber espionage

The threat situation in the reporting period was particularly characterized by data theft. In many cases, these were also linked to ransomware attacks, in which cybercriminals exfiltrated large amounts of data from organizations with the aim of blackmail. In contrast, cyber espionage often serves the goal of political and social influence. In addition, public facilities were repeatedly targeted with DDoS attacks during the reporting period. So far, however, these attacks have had no relevant damaging effect.

Destabilization and disinformation through AI

Politically motivated cyber attacks are not limited to data theft or paralyzing digital services: attackers can increasingly take advantage of the possibilities of artificial intelligence. Tools that can be used to create, modify or distort texts, voices or images are becoming increasingly available and easier to use. The risk of disinformation and cyberbullying through fake images or videos increased during the reporting period.

More at


About the Federal Office for Information Security (BSI)

The Federal Office for Information Security (BSI) is the federal cyber security authority and the creator of secure digitization in Germany. The guiding principle: As the federal cyber security authority, the BSI designs information security in digitization through prevention, detection and reaction for the state, economy and society.


Matching articles on the topic

Cybersecurity platform with protection for 5G environments

Cybersecurity specialist Trend Micro unveils its platform-based approach to protecting organizations' ever-expanding attack surface, including securing ➡ Read more

IT security: NIS-2 makes it a top priority

Only in a quarter of German companies do management take responsibility for IT security. Especially in smaller companies ➡ Read more

BSI sets minimum standards for web browsers

The BSI has revised the minimum standard for web browsers for administration and published version 3.0. You can remember that ➡ Read more

Data manipulation, the underestimated danger

Every year, World Backup Day on March 31st serves as a reminder of the importance of up-to-date and easily accessible backups ➡ Read more

Printers as a security risk

Corporate printer fleets are increasingly becoming a blind spot and pose enormous problems for their efficiency and security. ➡ Read more

IT security: Basis for LockBit 4.0 defused

Trend Micro, working with the UK's National Crime Agency (NCA), analyzed the unpublished version that was in development ➡ Read more

The AI ​​Act and its consequences for data protection

With the AI ​​Act, the first law for AI has been approved and gives manufacturers of AI applications between six months and ➡ Read more

MDR and XDR via Google Workspace

Whether in a cafe, airport terminal or home office – employees work in many places. However, this development also brings challenges ➡ Read more