The State of IT Security in Germany

With its annual report on the state of IT security in Germany, the Federal Office for Information Security (BSI) provides a comprehensive overview of the threats in cyberspace. In the report for 2023, the Federal Cyber Security Authority comes to the conclusion: the threat in cyberspace is higher than ever before.

The State of IT Security in Germany 2023

Ransomware is and remains the greatest threat


In cyber attacks with ransomware, the BSI is observing a shift in attacks: No longer are large, cash-rich companies the focus, but increasingly small and medium-sized organisations as well as state institutions and municipalities. In particular, successful cyber attacks on local governments and municipal businesses often directly affect the citizens of our country: This can result in citizen-oriented services being unavailable for a time or personal data falling into the hands of criminals.

Download: The State of IT Security in Germany 2023

Civil Society, Industry and State and administration
Source: BSI

Cybercrime is becoming more professional


Like the real economy, cybercriminals are increasingly relying on the division of labour, a growing service character and close networking across national and industry borders. With the concept of "cybercrime-as-a-service", cybercriminals are acting more and more professionally, because specialisation in certain services enables them to develop and deploy their "services" in a targeted manner.



Vulnerabilities in software at alarming level


The BSI is registering more and more vulnerabilities in software. These vulnerabilities are often the gateway for cybercriminals on their way to compromising systems and networks. With an average of almost 70 new vulnerabilities in software products per day, the BSI registered around a quarter more than in the previous reporting period. Their potential for harm also increased along with their number: more and more vulnerabilities (about one in six) are classified as critical.

IT vulnerabilities 2022: over 2,000 vulnerabilities in software products in 2022
Source: BSI


Generative AI creates new risks, but also new opportunities


With ChatGPT, Bard and LLaMA as well as a multitude of other tools, artificial intelligence has reached a broad public, including people who are less tech-savvy. These tools are easy to use and deliver high quality. Yet they can also be misused for criminal purposes. For example, they can make so-called deepfakes (manipulated images, videos and voices) more and more authentic and thus more difficult to expose. AI can also make phishing emails more credible, contribute to disinformation campaigns on the social web or generate malicious code itself, and can do so much faster and in some cases much better than human cybercriminals. AI can also become a vulnerability itself. It can be hacked and misused. This poses unprecedented challenges for vulnerability management in companies and authorities.



Effects of the Ukraine war on the IT security situation in Germany


The Russian war of aggression against Ukraine continued to occupy a central place in public perception during the reporting period. However, DDoS attacks by pro-Russian activists registered by the BSI have caused little to no lasting damage. The BSI classifies those attacks so far as propaganda, intended to create uncertainty and undermine trust in the state. However, this strategy can also change, as the past has shown.



Facts and data

Growing resilience against increasing threats


In a comprehensively networked society, there can be no one hundred percent security against attacks on IT infrastructures and software-controlled devices. The best protection against such attacks, however, is a pronounced cyber resilience. This is about increasing the resilience of IT and being able to better counter attacks.

More qualified security experts are needed to make IT systems more resilient, to fend off attacks and, in the event of a successful attack, to mitigate the negative consequences. Here, professionalisation on the defence side helps - among other things, through standardisation, centralisation and automation. The state and civil society are not defenceless against the diverse threats in cyberspace but can counter them successfully. The BSI, as the Federal Cyber Security Authority, is there to support them.




Free subscription to 'The state of IT Security in Germany' report



A print version of the report 'The state of IT Security in Germany' is available free of charge and can be ordered here. The reports will be shipped via (postal) mail, starting in November.
