The German Federal Office for Information Security (BSI) recently released its report on “The State of IT Security in Germany 2021”. “With regard to information security we are – at least in certain areas – on red alert,” BSI president Arne Schönbohm declared upon presenting the report to the public alongside Federal Minister of the Interior Horst Seehofer.
The attacks on Microsoft Exchange servers and SolarWinds clearly demonstrated the reach and impact cyberattacks can have in a globally networked world, writes Seehofer in his preface to the report. Germany has been affected by such attacks to a lesser extent than some other countries, Seehofer goes on to say, yet it has been shown that systems in Germany are also vulnerable to attack. “In addition, cyberattacks are becoming increasingly sophisticated,” according to the minister. “In the realms of cybercrime as well as cyber espionage and sabotage, attackers are constantly developing new methods, while also exploiting current events and situations such as the Coronavirus pandemic.”
Secure digitalization can only be achieved if information security is taken into consideration from the very start, adds BSI head Schönbohm. Information security can no longer be misconstrued as a hindrance to faster processes and development. It is much better understood as an investment in the future because it makes successful digitalization possible in the first place, Schönbohm emphasizes.
Unfortunately, it is not always easy to impart this simple formula because “successful cyber security is inconspicuous. It only becomes visible when it fails – as a global security incident, an attempt at blackmail on a huge scale, or systems being unavailable or experiencing outages. These events generate publicity and grab the headlines that should actually belong to cyber security.”
The overall situation is deemed acute to critical
For the reporting period between June 2020 and May 2021, the BSI characterizes the overall state of IT security as “acute to critical”. Per the summary, this is mainly due to growth in the well-publicized cybercriminal ransomware attacks, the new tactic of double extortion – in which the victim is additionally blackmailed to prevent the attackers from publishing their data online – and racketeering. However, there were also incidents in which the repercussions went well beyond the directly impacted victims.
The attackers also managed to significantly accelerate the production of new malware variants when compared with the previous reporting period. While the 2020 report quantifies the average number of new variants identified per day at 322,000, the daily figure for the latest reporting period was 394,000 on average, according to the BSI. This corresponds to a year-over-year increase of 22 percent. In total, this means that attackers produced around 144 million new malware variants during the latest reporting period.
BSI: Information security is crucial for digitalization
Digitalization projects born from necessity neglected to ensure information security, endangering entire company networks, the report adds. Software applications which were hastily cobbled together jeopardized the security of sensitive data, the BSI states in the report’s conclusion – a risk that often remained invisible to the impacted consumers. Far too often, the demand for quick functionality was prioritized over security. This approach creates a risk that could very likely come back to haunt an organization and jeopardize the success of its digitalization efforts. Corona-Warn, Germany’s official Coronavirus alert app, is cited as an example that security need not be compromised.
Even so, the report recognizes that the overall risk situation is not only determined by negligent IT security measures. In addition to the rising number of malware variants in circulation, the quality of the attacks is also considered to have increased “significantly”, according to the BSI. In this context, the handling of security vulnerabilities (particularly in software) is especially important. Due to their technical capabilities, cyber criminals are well equipped to exploit such lapses in security. For the security gap in Microsoft Exchange (which was closed in March 2021), the BSI declared its second-highest level of crisis for only the third time in the agency’s history. Despite all the BSI’s efforts, more than 4,000 unpatched servers could still be found in Germany as late as May 2021.
Being located in Germany a benefit
From the BSI’s perspective, this means that cyber security is increasingly becoming a focus and a competitive advantage for companies based in Germany. Ensuring that companies can operate their businesses without disruption (business continuity) and focusing on the security of IT products constitute the fundamental points of departure for the support services offered by the BSI. The authority also emphasizes that information security needs to become a selling point – it builds trust and generates acceptance with consumers.