BSI Report: Security Situation in Cyberspace Remains Tense

This data comes from the latest report on the state of IT security in Germany, presented on November 12, 2024, by Federal Minister of the Interior Nancy Faeser and Claudia Plattner, President of the Federal Office for Information Security (BSI). The average number of new malware variants represents a 26% increase compared to the previous year. This surge is attributed mainly to an increase in malware targeting vulnerabilities in 64-bit versions of Windows. Additionally, the reporting period saw a significant rise in Android malware variants.

Faeser: Special Precautions Needed Against Disinformation

“The cybersecurity situation remains tense. However, we can see resilience against attacks improving, and investments in cybersecurity increasing. This is absolutely essential. Businesses, administrations, and politics are all under threat from ransomware attacks, cybercrime, cyber sabotage, and cyber espionage. We must prepare ourselves against threats such as hacker attacks, manipulation, and disinformation,” said Federal Minister of the Interior Nancy Faeser in Berlin.

BSI President Claudia Plattner added: “We are not defenseless against these threats! We can clearly see that protective measures are effective, and we are capable of countering these attacks effectively. Therefore, we must continue strengthening our resilience through a nationwide effort. Transposing the NIS 2 Directive into national law as quickly as possible is crucial in this regard.”

Greater Resilience Against Ransomware Attacks

The number of victims of data leaks resulting from ransomware attacks has continued to grow. However, the proportion of ransomware victims paying ransoms has decreased. Organizations with functioning backups are less reliant on attackers to decrypt their systems. Furthermore, an increasing number of companies are addressing cyberattacks transparently and informing the public. This openness helps close vulnerabilities more quickly and minimizes potential damage to other organizations.

Against the backdrop of geopolitical conflicts, professional and often state-sponsored attacks by APT (Advanced Persistent Threat) groups remain prevalent. Cyber espionage targeting authorities, political parties, institutions, and companies has become increasingly significant.

Increase in DDoS Attacks

The quality and frequency of DDoS (Distributed Denial-of-Service) attacks have risen sharply. High-volume DDoS attacks—those with bandwidths exceeding 10,000 megabits per second—accounted for an average of 13% of all DDoS incidents per month during the first half of 2024. This figure more than doubles the long-term average of 6.75%. Attackers often amplify the comparatively minor effects of these overload attacks on social networks to sow social insecurity.

In addition to ongoing phishing campaigns impersonating banks and financial institutions, the reporting period saw an increase in campaigns misusing the names of well-known streaming services. Attackers sought to capture payment method details, such as credit card information, as well as data from payment service providers and personal information about account holders.