CyberInsights
The blog about your IT security

BSI Situation Report 2022: The state of cybersecurity in Germany in a year of crisis

The German Federal Office for Information Security (BSI) recently presented its annual status report, which shows how IT security is faring in Germany in 2022. The detailed snapshot contains extensive information on current threats and security concepts for a wide range of application areas, as well as on the BSI’s activities. Specifically, the report covers the period from June 2021 to May 2022 – and it makes one thing particularly clear: the risk of cyberattacks in Germany has never been as high as it is today.

According to the BSI’s situation report, what is the current situation with regard to IT security?

The year 2022 was and is marked by the consequences of the Russian war of aggression on Ukraine, which is not only taking place in the Ukrainian battle zones, but also in the digital space. In the foreword to the BSI Situation Report 2022, Dr. Gerhard Schabhüser, Vice President of the BSI, reports that Germany was also occasionally among the targets.

However, this has not significantly changed the general threat situation. The threat level was already very high before the war began and remains so. Virtually everyone is affected: private individuals, small and large companies, organizations of all kinds, and government institutions. The issue of cybersecurity plays a correspondingly fundamental role in the ongoing digitization of our society.

Against this backdrop, the German government sees it as its task, in cooperation with authorities such as the BSI, to protect “society from dangers in the digital space” and to ensure “a strong security architecture and the highest possible level of protection in cybersecurity,” according to Nancy Faeser, Federal Minister of the Interior and Home Affairs. The DGC has also made it its mission to help companies protect themselves against cyber attacks and optimize their IT security.

BSI Situation Report 2022: What companies should keep an eye on

“The threat situation in cyberspace is tense, dynamic and diverse, and thus higher than ever,” emphasizes Schabhüser. For companies, this means one thing above all: they must protect their own IT infrastructure while at the same time complying with legal regulations.

Legal requirements place companies under obligation

The task of the state is to create the legal framework for the highest possible level of general cyber security. Such as with the IT Security Act 2.0 passed in April 2021, with which the legislature has created a new legal foundation to ensure the most effective possible protection against cyber threats for all those affected from the state, business and society. The law places greater obligations on operators of critical infrastructures in particular. If they fail to meet their obligations, they could face severe fines.

What is clear is this: A large part of the responsibility still lies with each individual organization whose IT infrastructure is a potential target for cyberattacks – from small online stores to large corporations, from municipal authorities to the German parliament. On the one hand, it is important to prevent the theft and misuse of data with the help of suitable protective measures; on the other hand, digital services and products must remain available without restriction in the interest of both providers and users. The topic of cyber security should definitely be made a top priority: After all, in the event of an emergency, decision-makers are liable with their private assets if the security measures are inadequate. Increasing risks from the Internet require a holistic and strategic approach. This is where DGC’s offer comes in: With its 360-degree security approach, it supports companies in driving forward their digital transformation – securely and in compliance with the law.

Top cyber risk in 2022 according to BSI situation report: Ransomware

Even though the number of cyberattacks grew significantly overall in the reporting period, hackers still resort to tried-and-tested concepts in many cases. Ransomware is still considered the main threat to companies in 2022. No wonder: via ransomware, hackers encrypt a user’s or organization’s data and then demand a ransom for its release. Since the data is usually business-critical, those affected usually have no choice but to pay.

If the hackers get their hands on sensitive information, they usually demand a hush money. The focus is preferably on companies with high sales, as they can achieve correspondingly high ransom or hush money payments. If the victims do not pay, their data ends up on leak sites, where it is publicly accessible. Here, too, the number of cases increased significantly last year.

DDos attacks on the rise

In connection with the war in Ukraine, there is also an increase in so-called hacktivism, in which distributed denial of service (DDoS) attacks in particular are used to paralyze online services and thus sabotage IT supply chains, for example. A smaller number of such incidents have occurred in Germany so far. These include, for example, the attacks on a satellite communications company and on a German petroleum trader, which are explained in more detail in the BSI Situation Report 2022.

In general, the number of DDoS attacks in 2021 has risen massively compared to the previous year, with an increase of 41 percent. Particularly during Cyber Week and in the run-up to Christmas, hackers target online retailers, as successful DDoS attacks here are associated with enormous sales losses for those affected. Preventive measures can therefore save companies money in case of doubt. What they should also not forget: There is no such thing as 100 percent protection against cyber attacks. For this reason, emergency plans are essential for coordinated action in the event of an emergency.

Increasing professionalism among cybercriminals

The BSI divides cybercriminals into different groups depending on the malware used and the modus operandi. Recently, a kind of division of labor has increasingly been observed in which the individual components of a cyberattack are carried out by specialized attacker groups. These groups are networked with each other and provide each other with their skills or resources, such as malware, according to the motto cybercrime-as-a-service. According to the BSI, this approach is making a significant contribution to exacerbating the threat situation.

More vulnerabilities than last year and new malware variants

The number of registered vulnerabilities in 2021 was ten percent higher than in the previous year – more than half of them with a high or critical score according to the Common Vulnerability Scoring System (CVSS). The Log4j vulnerability, which was found in numerous freely available software modules and entailed a correspondingly high risk potential for their users, attracted particular attention.

Another problem: Hackers are constantly developing new variants of known malware that are not detected by IT security solutions. In the current reporting period, the number of new malware variants grew by around 116.6 million.

Conclusion of the BSI Situation Report 2022: Strengthening digital resilience through prevention

The conclusion of the BSI situation report speaks of a necessary “turnaround” in cybersecurity. It is crucial to strengthen the digital resilience of all players in our society. Prevention has proven to be the most effective means of doing so.

One thing is clear: When it comes to cybersecurity, there is never a status quo on which to rest and which will guarantee the necessary level of security in the long term. Against this backdrop, the German government is also planning to go beyond the IT Security Act 2.0 and further modernize the cybersecurity architecture and expand the BSI into the central office for information security in the federal-state relationship.

Meanwhile, it is the responsibility of all companies, organizations and authorities to also put suitable preventive measures in place – to comply with legal IT security guidelines and protect themselves from the potentially devastating consequences of a cyberattack. IT security professionals like DGC support here with important know-how and suitable applications.

Our experts will be happy to advise you on all topics relating to your individual IT security concept.
Get in touch with us now.

Follow us on

Subscribe to our newsletter on the topic of cyber security

With our Cyberletter you are always up to date - about vulnerability reports, current IT threat scenarios and other relevant news from the field of cyber security and data security.

By registering, I accept the handling of my personal data (§13 DSGVO) and agree to the privacy policy.