22-Oct-2020
The importance of IT solutions and systems is increasing continuously, not only for companies but also in public authorities. The global pandemic Corona has only acted as an accelerator here. The more IT is used, the more vulnerable companies become, but also the state and ultimately the citizens. In its "Report on the state of IT security in Germany in 2020", the Federal Office for Information Security (BSI) has repeatedly emphasized the importance of functioning, fail-safe and resilient IT infrastructures for the functioning of societies. Cybersecurity by Design should "therefore be a focal point in all digitization projects," as stated in the foreword to the report.
The current report covers the reporting period from June 1, 2019 to May 31, 2020, but also addresses events after that date. The report states the "continuation of a trend", according to which malware is in Use for cyber-criminal mass attacks on private individuals, companies and organizations. There are outflows of personal data such as patient data, as well as critical vulnerabilities in software and hardware products.
New malware variants appeared in waves from the fourth quarter to the first quarter of the New Year. According to the BSI, the fact that these are less threatening compared to earlier periods is due to new variants of Emotet and at the same time marks a change in the attackers' methods. Attacks by malware are becoming more and more sophisticated and targeted.
- In 2020, there were 419 reports of incidents in critical infrastructures, including the energy and health sectors.
- In 2019, there were 252 reports,
- In 2018, 145 incidents listed.
73 of the incidents reported in the current management report related to the electricity supply. 65 reports reached the office from the finance and insurance sector. However, according to the BSI, not all problems were caused by attacks. In the health sector in particular, a large proportion of the problem cases were due to "technical failures".