Due to tense cyber security situation: German companies increase their investments in IT security
by Tina Siering
How do companies assess the level of threat?
In the IT security survey conducted by the German Internet Industry Association (eco), 54 percent of all participating companies said they had increased their investments in IT security last year. (eco) stated that they had increased their investments in IT security in the past year. The study also concludes that the absolute majority of the companies surveyed believe that the threat of cyber attacks will continue to increase.
At the beginning of 2022, almost 94 percent of the companies surveyed assessed the situation as threatening. This represents a significant increase compared to the previous year's survey. At that time, only around 77 percent of companies believed that the threat from cyber incidents was increasing. However, the trend is clear: a large proportion of German companies are now aware that cyberattacks harbor enormous potential danger. This sentiment is also consistent with the results of the recently published Allianz Risk Barometer 2022.
In addition, since the outbreak of the Ukraine war, news of cyber attacks and a "war on the Net" have also created great uncertainty in other parts of Europe. In our blog article "secion's assessment of the security threats to companies following the outbreak of the war in Ukraine", we analyzed and assessed whether the threat situation for companies has acutely worsened since the outbreak of the war.
Yet large-scale open sabotage scenarios require months or even years of preparation. The threat level in this context therefore remains as high as it was before the war began. Companies that are now compromised have probably been compromised for some time.
What threats do companies currently face to their IT security?
There are clear reasons why companies currently see IT security under such threat. In 2021, there were numerous cyberattacks that received media attention, leading companies to increase investment in their own IT security. Some of the cyber incidents that caused a stir included the Colonial Pipeline ransomware attack in the U.S. in May or the cyberattack on the Anhalt-Bitterfeld district in September and the critical Log4j vulnerability.
The Corona pandemic also helped to exacerbate the security situation on the Internet. This is because the changed structures within companies are contributing to a more complex threat situation. The trend toward home offices is a major factor here, making networks more complex and harder to control. The intermingling with home networks has created additional vulnerabilities in IT security. Cybercriminals have responded by increasing their activities.
The result is an increase in complex and targeted attacks. The attacks, which include the use of ransomware, aim to cause as much damage as possible on the enterprise side and can bring business operations to a complete halt. This advanced persistent threat situation is subsumed under the term advanced persistent threat (APT).
However, large-scale open sabotage scenarios require months or years of preparation. The threat level in this context therefore remains undiminished - as it was before the start of the war. Companies that are now compromised have probably been compromised for some time.
Many companies affected by IT security incidents
The survey also shows that around a third of German companies experienced IT security incidents in 2021 that caused damage. Within the affected companies, ransomware leads the pack with a share of 21 percent. Hacking of websites and data theft follow in equal second and third place with 18 percent. The figures make it clear that every company in Germany can be the target of a cyberattack, and that enormous damage can be caused by ransomware.
Not only large corporations are affected, but increasingly small and medium-sized companies as well. There are clear reasons for this, such as the still widespread misconception that one is not a worthwhile victim of targeted cyberattacks. Ransomware and the associated extortion have made every company a potentially interesting target. On the other hand, cybercriminals are primarily looking for easy targets. SMEs often have a limited budget when it comes to IT and IT security in particular. Accordingly, it is easier to penetrate the networks of these smaller companies.
Conclusion on the current cybersecurity situation in Germany
The cyber security situation is tense and the trend of increasing threats continues. Companies that have not yet invested in their own IT security would do well to do so as soon as possible. The basis for this is an IT security strategy. This covers all potential attack vectors. Service providers help with the creation and practical implementation of such an IT security strategy. Cloud services such as early attack detection or cloud backups also give SMEs with smaller IT budgets the opportunity to establish high standards in their own IT security.
Need help upgrading your IT security for 2022? Contact us!
Related articles
QR codes have been around for almost 30 years. Today, we scan the square codes with our smartphone as a matter of course to release bank orders, create a digital vaccination certificate or retrieve coupons. However, since QR codes are also used by cybercriminals for fraudulent purposes, you should not trust the little squares without limits. You should be especially careful if you receive a QR code via email: A sophisticated phishing attack could be hiding behind it. We show you how to recognize quishing attacks and protect yourself from them.
Read more … Caution, Quishing: Criminals use QR codes for phishing attacks
In early October, the ransomware group Black Basta attacked an IT service provider of the Deutsche Presse-Agentur (dpa), stealing the data records of 1,500 dpa employees as well as pension recipients of the dpa support fund. Two weeks later, the cybercriminals published the first sensitive data of the victims on the darknet. This incident is just one of many attacks associated with the notorious Black Basta ransomware - and there will be many more to come. That's because, as new research shows, the cybercriminals act very similarly to other aggressive hacker groups.
Read more … Black Basta: New findings on the notorious ransomware
The cybersecurity industry is more dynamic and rapidly changing than any other sector. Today's insights may already be outdated tomorrow. Because at the same pace as IT security develops new measures to protect IT infrastructure, networks, and endpoints, cyber criminals bring new tools to the market, refine attack methods, or use unknown techniques to successfully carry out cyber attacks. Anyone who wants to stay as well informed as possible in the multi-layered environment is dependent on regular updates. This applies equally to technically interested users and IT staff. One popular source of information in Germany is the podcast. More than 40% of all Germans regularly listen to podcasts - one fifth of them daily. We asked our IT security consultants for recommendations on ethical hacking and present our top 5 most popular cybersecurity podcasts here.