The current BSI management report 2021 shows that the threat situation is classified as tense to critical. Cyber attacks are increasingly jeopardizing successful digitization.
Cyber attacks lead to serious IT failures in municipalities, hospitals and companies. In some cases, they cause considerable economic damage and threaten the very existence of production processes, service offers and customers. These are key findings of the report on the situation of IT security in Germany in 2021, which was presented today by Federal Interior Minister Horst Seehofer and the President of the Federal Office for Information Security (BSI), Arne Schönbohm. The new management report makes it clear: Due to increasing networking, a large number of serious weaknesses in IT products and the further development and professionalization of attack methods, successful digitization is increasingly at risk.
BSI: Risk situation high to critical!
Federal Minister of the Interior Seehofer stated: “The threat situation in cyberspace is high. We have to assume that this will remain the case in the long term or even increase. We have therefore used the last few years to massively strengthen cyber security in our country. We have almost doubled the BSI with over 700 new positions in this legislative period. With its work, the BSI ensures that IT security becomes a competitive advantage for Germany. "
BSI President Arne Schönbohm: "In the area of information security we have - at least in some areas - the red alert. The new BSI management report shows more clearly than ever: Information security is the prerequisite for successful and sustainable digitization."
Red alert in some areas
Using the example of successful ransomware attacks, it becomes clear how extreme a lack of information security can have: For example, a hospital had to log off from emergency care for 13 days. Whole supply chains are increasingly affected by such attacks, with consequences not only for the victims, but also for their customers or other uninvolved third parties.
The BSI also monitors the further development of criminal methods. In the case of ransomware attacks, for example, in addition to the demand for a ransom, it is increasingly threatened to publish previously stolen data. With this extortion of hush money, cyber criminals increase the pressure on those affected. DDoS attacks also increased significantly in the reporting period. They are used to extort protection money digitally.
Up to 553.000 new malware variants every day
In February 2021, the BSI recorded the highest number of new malware variants ever measured. An average of 553.000 new variants were added every day. A total of 144 million new malware variants were counted in the reporting period, an increase of 22 percent compared to the same period of the previous year.
The quality and spread of many serious weaknesses in IT products are also cause for concern. A serious weak point in Microsoft Exchange was found on 98% of all tested systems. The BSI responded with a red warning and publicly and specifically called on those affected to take action.
Too low a priority for cyber security
As a consequence of the threat situation, the BSI demands that information security be given higher priority. As part of digitization projects, cyber security should be firmly anchored and encompass the entire supply chain.
Further information and examples can be found in the "Report on the situation of IT security in Germany in 2021" summarized. The management report of the BSI provides an overview of the development of the threat situation in cyberspace from June 1, 2020 to May 31, 2021 and of the activities and countermeasures of the BSI.
More at BSI.Bund.de
About the Federal Office for Information Security (BSI) The Federal Office for Information Security (BSI) is the federal cyber security authority and the creator of secure digitization in Germany. The guiding principle: As the federal cyber security authority, the BSI designs information security in digitization through prevention, detection and reaction for the state, economy and society.