According to Germany's Federal Office for Information Security (BSI), the country faces a grave and growing threat as society becomes more digitally connected and criminals more sophisticated. The BSI said threat levels have reached red alarm levels.
Threat level increased
BSI published their annual report “The State of IT Security in Germany in 2021.” It highlights that the biggest risks come from malware and ransomware attacks. In fact, the agency detected 144 million new malware variants between June 2020 to the end of May 2021 — up 22% for the year. In February 2021, BSI detected 553,000 malware variants in a single day — a new record. The report notes that it had subsequently raised the general threat level posed by malicious computer attacks from "tense" in 2020 to "tense-to-critical."
The reason for this increased alert level is the increasing professionalism of cybercriminals combined with the networked composition of society.
“The significant increase of remote working led to a substantial growth of the attack surface in terms of interconnecting services and hardware provided and used. This trend consequently facilitated the possible exploitation of security flaws for cybercriminal campaigns,” noted a joint report by French ANSSI and Germany’s BSI.
The trend of growing cyber criminality has been turbocharged by the coronavirus pandemic as more business and government employees work remotely. The report makes clear that cyber-attacks have not only become more prevalent but have also become more costly. Bitkom, an IT-industry association, estimated that losses from blackmail and system outages have risen 358% since 2019.
Criminals are not only working for themselves, according to the BSI. They are also selling their services on the dark net. They have become more sophisticated in their approach along the way, using multi-level attack strategies previously seen in instances of state espionage. For instance, the BSI noted a method in which malicious actors negotiate ransom from a victim and in return seek data.
The use of so-called "leak pages" was one such example where attackers would publish stolen data to extort victims into paying a ransom. The agency illustrated the blackmail approach by pointing out the case of a private psychologist's office that was hacked and in which criminals proceeded to pressure not only the owner of the practice but their patients, as well.
The threat to critical infrastructure
According to BSI, "The attacks are hitting areas that are fundamental for our society, like energy and healthcare infrastructure." The BSI report went on to observe that "information security must be given considerably greater significance and become the basis for all digitization projects."
The same concerns are raised in the joint ANSSI and BSI report. The two agencies wrote that the digitalization of production processes underpinning the core activity of an entity through the connection of operational technology (OT) will carry risks for the near future. Those OT systems have usually a long lifecycle and are expensive. They are not changed or upgraded on a regular basis. Therefore, most current OT systems were installed at a time when IT security was not recognized as a vital factor for the operation of OT systems.
Another report from Europol, Internet Organized Crime Threat Assessment (IOCTA) 2020, noted that ransomware poses a significant indirect threat to businesses and organizations in Europe, including critical infrastructure, by targeting supply chains and third-party service providers.
Besides ransomware, the European law enforcement agency reported malware in the broader sense to be widely present in cybercrime cases. Criminals have converted some traditional banking Trojans into more advanced modular malware to cover a broader scope of functionality. These evolved forms of modular malware are a top threat in the EU, especially as their adaptive and expandable nature makes them increasingly more complicated to combat effectively.
Germany adopts a Cyber Security Strategy
In response to the increased threat of advanced cyber-attacks, the Federal Government of Germany adopted the Cyber Security Strategy for Germany 2021. The strategy comprises four overarching guidelines:
- Establish cyber security as a joint task of the state, business, society, and science.
- Strengthen the digital sovereignty of the state, business, science, and society.
- Ensure the secure development of digitalization.
- Make targets measurable and transparent.
Interested in learning more about Tripwire? Download our Mastering Configuration Management Guide to learn all about our SCM solution: https://www.tripwire.com/solutions/configure-and-harden-your-systems/guide-to-security-configuration-management.
For German speakers, you can get a translated version here: https://www.tripwire.com/leitfaden-zur-sicherheitskonfigurationsmanagement.