Status: 10/21/2021 11:39 a.m.
In the new management report, the Federal Office for Information Security assesses the current situation as “tense to critical”. In some areas there is already a “red alert”. Many cyber criminals have become more professional.
The threat posed by cyber attacks has grown significantly in Germany. This emerges from the 2021 management report of the Federal Office for Information Security (BSI). It assesses the current situation as “tense to critical”. A year earlier, the Bonn authority had characterized the situation as “tense”.
In some areas there is already a “red alert”, said BSI President Arne Schönbohm. The reasons for this are the clear professionalization of cyber criminals, increasing digital networking and the spread of serious weaknesses in IT products. “Information security must have a significantly higher priority and become the basis of all digitization projects,” says the report.
When asked whether there should be a Federal Ministry of Digital Affairs in the future, the outgoing Federal Minister of the Interior Horst Seehofer, whose house has so far been responsible for the BSI and the digitization of the administration, did not want to answer directly. To the address of the future coalition partners, he only says that “it will not be possible to separate general security from cybersecurity”.
Criminals use multi-level attack strategies
According to the BSI, criminals now sometimes use very complex, multi-stage attack strategies that were previously only used in cyber espionage. One method: while a criminal hacker is negotiating a ransom with his victim for access to data he has encrypted, he is simultaneously launching an overload attack on an alternative system that the victim uses to continue his business activities. Or the perpetrator publishes captured data on so-called leak pages in order to put the victim under even more pressure.
According to this, some attackers also approach customers or partners of the victim in order to increase the pressure. As an example, the BSI cites the case of a psychotherapeutic practice in its report, where not only the practice owners but also their patients were blackmailed.
553,000 malware programs discovered in one day
According to the BSI, the number of registered new variants of malware was 144 million, 22 percent more than in the previous reporting period. According to the Federal Office, 553,000 malware variants were discovered in one day in February 2021 – a new record.
According to the report, a large number of attacks were recorded between January and May in which blackmailers pretended to have video material of the victim allegedly showing them while visiting a website with pornographic content. The threat: If the victim does not pay a four-digit euro amount in Bitcoin, the compromising video will be sent to all contacts of the victim.
“The damage caused by extortion, combined with the failure of systems or the disruption of operational processes, has increased by 358 percent since 2019,” said Susanne Dehmel, member of the executive board of the Bitkom industry association. In her opinion, so that companies and private individuals can better protect themselves, everyone should have the opportunity to find out about the current cyber threat situation. “To do this, we have to use real-time information and collect it across the EU in a central dashboard – similar to the Corona dashboard of the Robert Koch Institute.”