The German Federal Office for Information Security reports a significant increase in cyber threats in Germany. The risk of ransomware attacks is considered to be extremely high, according to the Office’s latest report.
On Thursday (2 November), Germany’s Office for Information Security (BSI) issued a report on the state of IT and cybersecurity in the country for the period from June 2022 to June 2023. The agency’s experts noted that the threat level was “higher than ever before.” It also recorded the highest average increase in malware types – 332,000 new variants per day over the period observed. The number of German ransomware victims whose names and captured data were published on leak sites also reached a record high of 65 people in the second quarter. German Interior Minister Nancy Faeser said:
“The BSI report on the state of IT security in Germany in 2023 proves that the threat situation in cyberspace remains tense.”
Ransomware remains the top threat, according to the agency’s report. Government agencies are seeing a dramatic increase in advanced persistent threats (APTs) – cyber espionage or sabotage carried out over a long period of time to gain information or manipulate.
Small and medium-sized enterprises (SMEs) and local governments are particularly vulnerable to cyberattacks because attackers take the path of least resistance.
Another trend highlighted in the report is supply chain attacks. In this case, companies are not directly attacked, but malware, such as viruses, is spread through third-party vendors. This means that a large number of victims can be attacked at the same time. An equally challenging problem, according to the report, is the advancement of technology.
The advancement of powerful quantum technologies and the likely cybersecurity threats they will pose is seen as one of the challenges, in addition to technological advances in generative AI, which have led to a qualitative improvement in deep forging, phishing and fraudulent attacks.
The report also recorded a 24% increase in the number of vulnerabilities found in software products. These are often the “first point of call for cybercriminals”. Every second of the 70 new vulnerabilities discovered in an average day is classified as critical.
