With its report on the situation of IT security in Germany, the BSI - Federal Office for Information Security provides an annual comprehensive overview of the threats in cyberspace. Current: The threat in cyberspace is higher than ever before.
The cybersecurity situation in Germany remains tense. This emerges from the current report on the situation of IT security in Germany, which Federal Interior Minister Nancy Faeser and Claudia Plattner, President of the Federal Office for Information Security (BSI), presented today. The BSI management report makes it clear that ransomware attacks are currently the biggest threat. In addition, there is growing professionalization on the part of perpetrators, which is accompanied by an increasing number of security gaps.
During the reporting period, the BSI registered around 250.000 new variants of malware and 21.000 systems infected with malware every day. In addition, there are an average of 70 new security vulnerabilities per day, one in two of which are classified as high or critical. This corresponds to an increase of 24 percent compared to the previous year.
Ransomware is the most dangerous type of attack
The professionalism with which attackers operate in cyberspace is reflected in the increased division of labor and the targeted use of AI tools. In terms of the different types of attacks, ransomware attacks currently pose the greatest threat. They cause much of the economic damage caused by cyberattacks. Ransomware attacks have a lasting impact on entire value chains. Small and medium-sized companies, municipalities and municipal companies in particular are affected by the often serious consequences of these attacks.
Software vulnerabilities at worrying levels
The BSI is registering more and more vulnerabilities in software. These vulnerabilities are often a gateway for cyber criminals to compromise systems and networks. With an average of almost 70 new vulnerabilities in software products per day, the BSI registered around a quarter more than in the previous reporting period. As the number increases, so does their potential harmful effect: more and more gaps (around one in six) are classified as critical.
Data theft and cyber espionage
The threat situation in the reporting period was particularly characterized by data theft. In many cases, these were also linked to ransomware attacks, in which cybercriminals exfiltrated large amounts of data from organizations with the aim of blackmail. In contrast, cyber espionage often serves the goal of political and social influence. In addition, public facilities were repeatedly targeted with DDoS attacks during the reporting period. So far, however, these attacks have had no relevant damaging effect.
Destabilization and disinformation through AI
Politically motivated cyber attacks are not limited to data theft or paralyzing digital services: attackers can increasingly take advantage of the possibilities of artificial intelligence. Tools that can be used to create, modify or distort texts, voices or images are becoming increasingly available and easier to use. The risk of disinformation and cyberbullying through fake images or videos increased during the reporting period.
More at BSI.Bund.de
About the Federal Office for Information Security (BSI) The Federal Office for Information Security (BSI) is the federal cyber security authority and the creator of secure digitization in Germany. The guiding principle: As the federal cyber security authority, the BSI designs information security in digitization through prevention, detection and reaction for the state, economy and society.