On 15.08.2023, the current “Bundeslagebild Cybercrime 2022” of the BKA was published.
Here are the most important findings of the report at a glance:
- 136,865 registered cases in 2022, decrease of 6.5% compared to 2021
- Ransomware and phishing still the biggest threats
- Cases from abroad are steadily increasing, underlining the international nature of cybercrime
- The Bitkom e.V. estimates the damage caused by cyber attacks, among other things, at 202.7 billion euros.
- The clearance rate for cybercrime is on the same level as the previous year at approx. 29%.
In the following, you will find comments from important companies which are supplying cyber security solutions:
Andreas Bechtold, President Europe Infinigate Group:
The fact that, according to the latest BKA report, around two-thirds (63 per cent) of the companies surveyed expect a cyber attack in the next twelve months, but not even half of them (43 per cent) consider themselves well enough equipped to deal with it, shows how enormous the need for action is for the entire IT ecosystem. What is needed are targeted measures for crisis preparation (incident readiness), training programmes for employees (security awareness) as well as effective, proactive and automated preventive solutions for threat detection and defence. Managed security services can compensate for a lack of IT security expertise and/or specialists. As a value-added distributor and interface between manufacturers and channel partners, we are able to provide effective suppor
Kristian von Mejer, Director Central Europe at Forescout Technologies:
The current BKA report shows that ransomware and phishing continue to be the biggest threats to the German economy. This threat situation is best countered with a watertight security strategy, which is only offered by proven security platforms. The advantage of such platforms is the continuous identification and prioritisation of cyber risks through robust asset management and transparency. This allows risks to be quantified and critical assets to be protected.Equally important is the implementation of network security controls to mitigate threats and consistently enforce zero-trust access. Granular network segmentation and real-time traffic monitoring allow risks to be detected in seconds and automatically isolated to maintain complianc
The evolution of threat detection and mitigation is critical to the resilience of an IT ecosystem. AI-based automation and pattern recognition can identify threats faster and initiate the optimal threat response. With this risk-based, proactive approach, organisations can withstand even the most sophisticated and AI-powered cyber attacks.
Rishi Garrod, AVP Technical Account Management EMEA North at Tanium:
New report, old findings? Yes and no. Ransomware and phishing remain the main threats to German businesses, and nation-state attacks are on the rise as a result of rising international tensions. What is new is the influx of AI tools that allow criminals to easily scale and refine their operations. Companies therefore need to fundamentally realign their approach to cybersecurity and be proactive, rather than reacting after the damage has already been done.
The fundamentals of this approach are maintaining a high level of cyber hygiene and mastering the fundamentals of cyber security. The fact that phishing is still a major problem for businesses shows that the weakest link in cyber security is still the human. Research shows that cybersecurity training for employees is one of the areas where people cut corners the most due to the turbulent economic environment. However, this is a risky bet considering how many attacks enter networks because an employee unknowingly clicked on a malicious link. Another area of cyber hygiene is complete visibility of IT resources and endpoints connected to the corporate network – because you can’t protect what you can’t see! Research by Tanium shows that in 94 per cent of organisations, up to 20 per cent of all endpoints remain undetected and unprotected.Although many decision-makers are aware of these considerations, their implementation is often postponed for economic or other reasons. To solve this day-to-day dilemma, it is important to understand that improving cyber hygiene has the greatest impact of all cybersecurity measures.
Alexander Koch, VP Sales EMEA at Yubico:
Phishing remained on the rise in 2022. A closer look shows that a successful cyber attack often starts with a phishing attempt. The current situation report of the BKA confirms this development and indicates the peak in 2022 with over 430,000 phishing pages. However, it can be assumed that the number of unreported cases is even higher, says Alexander Koch, VP Sales EMEA at Yubico. What makes phishing so dangerous? It’s simple, effective and customisable – and that’s exactly why it’s so resilient. Through tools such as Phising-as-a-Service tools, it is also possible for less technically skilled attackers to carry out successful phishing campaigns. It is therefore essential to secure logins and access data completely. Hardware security keys such as the YubiKey offer a secure constant that can protect against even the most sophisticated phishing attempts. Because not only is phishing easy – so is protection against it.
Michael Heuer, VP DACH at Keepit:
The BKA report clearly shows us that ransomware remains one of the biggest cyber dangers for companies, with sometimes devastating consequences for the companies affected. To effectively protect company data, a reliable backup concept is essential. A backup that is backed up independently of the servers of the customer’s cloud provider offers maximum protection by storing the company data in secure and DSGVO-compliant data centres within the EU. Even after a ransomware attack, the data is quickly available again and downtime and extortion payments can be avoided. An EU backup can significantly reduce the vast majority of the damage listed in the report, protect business continuity and significantly increase the cyber resilience of businesses.
Matthias Frühauf, Regional Vice President Germany at Veeam Software:The BKA’s Federal Situation Report speaks a clear language: ransomware remains the main threat to organisations and businesses in Germany. This finding reflects the results of the Veeam Ransomware Trends Report 2023, in which we determined that 85 percent of all companies were the target of a ransomware attack in the previous year. Unfortunately, the justice system has yet to keep up with the criminals: The clearance rate for cybercrime is currently just 29 percent, according to the BKA. We therefore advise all organisations to take precautions and make immutable backups according to the 3-2-1-1-0 rule. In this way, criminals are deprived of their leverage with data extortion and thus of the basis for their business. In addition, we urgently recommend all IT decision-makers to establish an emergency strategy for disaster recovery in order not to fall into the statistics in the next BKA situation report.
Marco Eggerling, CISO EMEA at Check Point Software Technologies:
The BKA figures should make us sceptical rather than optimistic. Because as the report itself admits, a (supposed) decline of 6.5 percent in cyber crimes may sound like good news. However, against the background of an estimated number of unreported cases of over 90 percent and the fact that these are only attacks from within Germany, there can be no talk of relief. That is also what our figures say: Last year, our colleagues from Check Point Research even noted an increase of 27 percent in cyberattacks in this country compared to the previous year. I therefore recommend that all companies protect themselves against zero-day attacks and unknown malware with AI-supported technology that at the same time does not interfere with business operations
Dirk Decker, Regional Sales Director DACH at Ping Identity:
This year’s BKA federal situation report on cybercrime also shows that there is still hardly an attack vector without phishing. As a rule, phishing, spear phishing and social engineering are the starting point for successful cyber attack campaigns. German companies must do more here! They must learn to take stronger countermeasures and give their employees, partners, suppliers and customers the opportunity to better protect not only their passwords, but also their identity data: with solutions for decentralised management of identities and for detecting and containing fake accounts and compromised user accounts. This will then also give you the necessary security to demand from your users what they have actually needed for a long time: high-quality identity data – since it has been verified by an institution authorised for verification. Fraudsters will then no longer have a chance.
Marco Di Filippo, initiator of “Germany’s Best Hacker
This report shows: Hacking talent that could do good is being misused for cybercrime. This is not only a waste of talent, but also does great damage to society as a whole every year. With the right guidance, however, talented hackers can be trained to become architects of security.
Our vision at Germany’s Best Hacker is to build a community where this talent is used responsibly to advance society instead of giving it a leg up.
Frank Heisel, Managing Director Germany at RISK IDENT:
Cybercriminals use sophisticated and constantly evolving attack methods such as phishing and malware to grab login data from honest customers and misuse it for fraudulent activities in online commerce. Through AI-supported automation – when writing in a phishing email, when generating malicious code or when determining further customer data – it is to be expected that the entry threshold for cybercrime will continue to fall and that, as a consequence, fraud figures will rise.
In our opinion, the decrease in the amount of damages is due to a lower willingness to pay on the part of the victims as well as the reduced damages from patent infringements. The fact that 41 percent of victims still pay the demanded ransom is a memorable result, as such successes serve as motivation for cybercriminals for future attacks. The number of unreported incidents is probably much higher.
The cyber attacks listed in the report represent a significant proportion of foreign crimes. This shows that the perpetrators take advantage of the fact that transnational investigations are very difficult to coordinate. The further improvement of transnational police work is certainly one of the main tasks that can be derived from the findings.
The already immense financial damages make it clear that companies with an online presence should urgently use advanced fraud prevention solutions to detect suspicious order transactions at an early stage and thus avert economic damage to companies as well as their customers. Many online shop operators may not realise it, but customers appreciate a high level of fraud protection when shopping.
Markus Auer, Security Advisor and Sales Director DACH at BlueVoyant:
The latest results of the BKA might suggest a slight decrease in cybercrime at first glance, but at the same time they make clear that persistent threats such as ransomware and phishing require adaptable security solutions. In addition, the number of crimes committed from abroad that cause damage in Germany has continued to rise, by 8 percent compared to the previous year. Attacks like the one on ViaSat show that even if the attacks do not take place within the country’s borders, there can be collateral damage to German infrastructure.
As our connected world continues to expand through supply chains and collaboration with third-party providers, it is of utmost importance to keep these extended ecosystems in mind. The seamless integration of services that monitor and respond to threats in real time can make the difference between a comparatively small incident that can be managed and a serious security breach.