The German Federal Office for Information Security (BSI) published its report “Die Lage der IT-Sicherheit in Deutschland 2022” (The State of IT Security in Germany 2022) at the end of October, which unsurprisingly also focuses on the war in Ukraine.
The latest BSI status report covers the period from June 2021 to May 2022, a good three months of war thus falling within the reporting period. “An overarching attack campaign against German targets was not apparent. The situation in the cyberspace of NATO partners, on the other hand, was somewhat tense and in Ukraine, to some extent, life-threateningly critical”, the report’s introduction states.
The overall picture, meanwhile, is frightening: “On the whole, the already tense situation worsened further during the reporting period,” the report continues. “The threat in cyberspace is therefore higher than ever.” According to the report, cybercrime posed a great threat during the reporting period, as was the case in the previous year. Ransomware remains the main threat, especially for companies, the federal office said.
As far as ransomware is concerned, experts note a further increase in “big game hunting”, which is the extortion of high-revenue companies with encrypted and exfiltrated data.
According to the BSI, ten percent more newly discovered security vulnerabilities were reported for 2021 than in the previous year. More than half of these were rated high or critical, according to the CVE list. The greatest impact was most likely the vulnerability in Log4j, as it was found in many freely available software modules. As a result, IT security managers found it difficult to assess whether the software they implemented had the vulnerability.
APT (advanced persistent threats) attacks, which often involve state-sponsored attackers, are still carried out via malware sent by email. However, because such attacks are comparatively costly, APT groups are increasingly scanning the network for perimeter systems (firewalls, etc.) with unpatched vulnerabilities so that they can target them and abuse them as a gateway.
And speaking of email, more than two-thirds (69 percent) of all spam messages sent during the reporting period were malicious, i.e., they contained phishing or extortion attempts. Of these scam emails, the vast majority (90 percent) were finance phishing, i.e., messages that fraudulently gave the impression to be sent by banks or savings institutions.
Interested parties can download the full report free of charge as a PDF from the BSI website (available only in German).