BSI Situation Report on IT Security in Germany 2021: Ransomware the Biggest Threat

The threat situation in IT security is changing and yet remains the same. Two years ago, the title was Danger, especially for public authorities , and in 2020, Danger, especially from Emotet, but in its recently published situation report for 2021, the BSI states that ransomware is the greatest evolving threat.

What has remained the same? It is true that information security should become a higher priority and form the basis of all digitization projects. Year after year, the BSI situation report makes it clear that successful digitization of both the public sector and the economy makes cybersecurity indispensable.

We proclaim it like a mantra, but the fact remains: cyberattacks on companies can lead to loss of reputation and severe revenue losses, and for SMEs they can even threaten their very existence. When critical infrastructure companies such as hospitals are attacked, life and limb are at stake. In addition, every successful attack, whether on a city administration, a university or an e-commerce service provider, undermines citizens' confidence in the security of their data and digital services.

In the current report, it is clear that criminal extortion has increased rapidly in itself, but also in quality. It can be read, for example, that the malware used sometimes produced 553,000 new variants every day.

This is particularly dangerous because detection methods only ever exist for variants that are already known, and consequently cannot detect, identify and fend off new variants. In terms of hash value, each malware variant is unique.

For the current reporting period, so-called "big game hunting" has been clearly outlined, in which "financially strong victims" in particular were attacked, to whom particularly high ransom demands were made. For the German Federal Office for Information Security (BSI), this big game hunting is a subset of the cyber-criminal types of attacks that use ransomware to extort ransoms. In addition to the already known

1. encryption Trojans, which are used for ransomware, the BSI currently also reports of

2. double extortion, i.e. extorting money by threatening to reveal compromising information, and

3. racketeering under threat of Distributed Denial of Service (DDoS). This diversification has been adopted in many cases by outsourcing to specialized attack groups.

This cybercrime-as-a-service (CCaaS; cybercrime as a service) is already described by the BKA in its Bundeslagebild Cybercrime 2020.

Would you like to prepare and protect yourself against ransomware? We recommend our 10-point plan. Advantages of our Ransomware Protection Solutions

• Comprehensive protection of your company's devices through a secure browser solution that includes a shielded virtualized browser for accessing external websites.
• Web application firewalls prevent your websites from becoming a gateway for ransomware.
• Essential prevention of uploading infected files by analyzing all uploaded files through our Enterprise Anti-Virus Engine (based on the WAF's ICAP protocol).

What questions do you have? Feel free to contact us.