The IT security situation in Germany is coming to a head

October 27, 2022, by Horst Buchwald

Bonn, 27.10.2022

This unmistakable warning is the quintessence of the current BSI situation report for 2022.

The BSI experts are confronted with just about every cybersecurity problem we know. These include a growing number of cybercrime offenses such as fraud via fake stores, as well as attacks via phishing or extortion software (ransomware). In addition, the Federal Cyber Security Agency is observing an increase in threats related to the Russian war of aggression against Ukraine.

What is frightening is the rate at which these consistently criminal activities are spreading across the country. According to the BSI: "No matter what sectors of our society you look into: You will find that the sheer number of cyber-attacks alone shows just how great the threats are in detail."

The following example makes this clear. The BSI found that the number of new malware variants for mobile devices and computers increased by about 116.6 million in the current reporting period. This means that an average of 317,000 new malware variants were detected per day. And they have just one purpose: to cause damage, encrypt data or destroy IT systems. Cyber extortion through ransomware attacks remains one of the biggest threats – and not just for companies. The attack on a county administration in Saxony-Anhalt is probably proof enough, because for the first time, a disaster situation was declared due to a cyber attack. One consequence of this cyber attack was that citizen-oriented services, such as payments for parental allowance or vehicle registrations, were not available or only available to a limited extent for 207 days.

You should also remain vigilant about suspicious emails. According to the BSI, 69 percent of all spam emails during the reporting period were cyber attacks. "A shocking 90 percent of these had the goal of leading you by the nose by giving the impression of having been sent by banks or savings banks," writes the BSI.

More figures from the situation report can be found here: https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Publikationen/Lageberichte/Lagebericht2022-Doppelseite.html?nn=129410

As digital technologies proliferate, so does the number of potential points of attack: For example, 20,174 vulnerabilities were discovered in software products in 2021 alone – ten percent more than in the same period last year.

Among the top threats to society, the BSI lists identity theft, sextortion (blackmail involving nude pictures or videos) and fake stores on the Internet. With regard to the economy, ransomware vulnerabilities, open or misconfigured online servers and excessive dependencies in supply chains pose the greatest dangers. Government and administration, according to the report, suffer most from ransomware vulnerabilities, complex ongoing attacks on IT infrastructures and, as in business, open or misconfigured online servers.

The day-to-day practice – a sampling:

About 2.4 terabytes of data was recently viewable, although access to it should normally only be possible with authorization, reports t3n. Around 65,000 companies worldwide were affected by the data leak, from which, among other things, more than 335,000 e-mails were leaked to the public. Microsoft has acknowledged the data leak and closed it in the meantime. There is no information about possible damages caused by the openly accessible data.

In an e-mail with the subject "We have blocked your Amazon account and all pending orders", personal data is requested from customers of the online retailer under the pretext of alleged security measures, the consumer advice center points out. According to the center, the attached link, which is supposed to be used to check the access data, is an attempt to defraud the customer, and it strongly advises against clicking on the link.

Customers of the logistics service provider DHL must also watch out: the IT magazine CHIP warns them of a "particularly perfidious scam". This too is a phishing attempt, in which the cyber criminals claim that alleged customs duties for goods amounting to 1.89 euros have not been paid and that a package therefore cannot be delivered. Again, do not click on the link under any circumstances and delete the mail immediately. Customs fees, as suggested in the mail, do not exist in this form.

The upcoming Men’s World Cup in Qatar is creating security risks, according to Netzpolitik.org: Fans traveling to the emirate for the World Cup in November will be forced to install two apps on their cell phones. Both apps, the Norwegian TV station NRK has found out, would have far-reaching access to personal data. An application similar to the German Corona-Warnapp, for example, could easily derive movement profiles of individuals as well as meetings with other people. The other app, Hayya, is the official app for the World Cup and could also read out the location, switch off the smartphone’s sleep mode for this purpose and monitor network connections. Since it is not possible to enter Qatar without the programs, there is only one way to protect yourself: Anyone going to the World Cup should leave their cell phone at home.

Cybercrime and financial crimes are the biggest concerns for police worldwide, according to a report by the international police organization Interpol. According to a Spiegel report, the agency, based in Lyon, France, also expects offenses in these areas to increase significantly in the coming years. More than 60 percent of the police officers surveyed for the report, which is not available to the public, rated money laundering, Internet fraud, phishing and ransomware as a "great" or "very great" danger. A good three-quarters of those surveyed also assume that cases of sexual abuse of children on the Internet will increase markedly in the next three to five years.

Anyone who does not regularly update device drivers on their Windows PC is opening the door for cyber criminals to enter their own computer, reports t3n. Drivers organize the computer's cooperation with devices such as graphics cards, printers, keyboard, mouse or camera. Microsoft normally keeps insecure drivers on a block list so that they cannot be installed on a system. According to the report, however, the software provider has "neglected" to regularly update this list since 2019, so that vulnerable drivers can actually be installed. Microsoft has acknowledged the mistake and promised to update the list.

Contrary to what was promised, Microsoft's Office 365 Message Encryption is not secure, claims the online medium Tarnkappe.info. The US National Institute of Standards and Technology (NIST) had already described the use of Electronic Codebook (ECB) mode as unsuitable for encrypting confidential information in March. The method allows attackers to reconstruct the contents of encrypted e-mails by analyzing them. Despite NIST's classification, Microsoft does not see the use of ECB as a security risk and therefore refuses to make any improvements. "Anyone who wants to communicate securely," the report therefore states, "should simply not use Office 365 Message Encryption."