Germany Fears AI-Driven Disinformation Campaigns

More than two-thirds of Germans currently fear that cyberattacks and AI-driven disinformation campaigns could influence the outcome of the upcoming general election. Across all party boundaries, 67.9% of respondents rate this risk as high or somewhat high.

Threat awareness is particularly high among supporters of the Greens (82%), the SPD, the CDU/CSU, and the Left (74–75%). Among AfD voters, however, the figure is just under 57%. The assessment of German voters aligns with that of decision-makers in politics and administration, as well as companies crucial to German infrastructure. Here, too, almost 70 percent fear that the outcome of the election could be influenced by cyberattacks.

These are the results of a survey commissioned by Microsoft and conducted by the opinion research institute Civey in September. The sample, described as representative, comprises 5,000 voters, 1,500 decision-makers from the business world, and 500 from politics and administration. The business representatives surveyed come from the energy supply, information technology and telecommunications, transport and traffic, healthcare, water management, food industry, finance and insurance, media industry, and culture sectors.

Risk Awareness in the Economy

A majority of the managers surveyed are concerned that the threat of cyberattacks on companies vital for infrastructure is “high.” However, just under half of the companies (49.7%) feel adequately prepared for such attacks. One in three decision-makers report that their company is very poorly or somewhat poorly prepared.

The study shows that more than two-thirds of all companies with more than 5,000 employees feel very threatened (72%). Overall, 55.4% of all companies say that the threat level from cyberattacks is “high.” More than half of managers in these industries (almost 55%) therefore want to make cyber defense a higher priority in the coming year.

Companies are particularly concerned about disinformation campaigns (51.9%), cyberattacks supported by artificial intelligence (43.8%), malware (35%), and deepfakes (33.4%). Only around 10% are concerned about potential threats from insiders. Decision-makers in German politics and administration see the situation even more critically: 90% say that Germany’s critical infrastructure is threatened by state-supported cyberattacks from abroad. At the same time, 50% consider this risk to be “very high.”

Lack of Cooperation

As the survey shows, there is a lack of cooperation between the private and public sectors in terms of cyber defense. Almost two-thirds (60%) of decision-makers in companies from critical infrastructure sectors complain about a lack of support from the state in cyber defense. Only just under 15% say that cooperation is “good” or “fairly good.” Small and medium-sized companies feel particularly neglected by government initiatives and partnerships. Among companies with up to 250 employees, only 2% report good support.

Politicians and administrators view the situation even more critically: Three-quarters of all political decision-makers surveyed—whether at federal, state, or local level—rate cooperation with the private sector as inadequate.

The recently published Microsoft Digital Defense Report 2024 (MDDR) shows the extent of the global threat to critical infrastructure. According to the report, the critical infrastructure of many countries has now become a significant target in modern interstate conflicts. Last year, Microsoft observed a sharp increase in attacks on internet-connected operational technology devices (also known as OT or operational technology devices). These OT devices are used, for example, to control industrial equipment and critical infrastructure machinery—from medical devices to the equipment that keeps railroads and power and water supplies running.