BSI Situation Report on IT Security in Germany 2021: Ransomware the Biggest Threat

BSI Situation Report on IT Security in Germany 2021: Ransomware the Biggest Threat

The threat situation in IT security is changing and yet remains the same. Two years ago, the title was "Danger, especially for public authorities", and in 2020, "Danger, especially from Emotet", but in its recently published situation report for 2021, the BSI states that ransomware is the greatest evolving threat.

What has remained the same? It is true that information security should become a higher priority and form the basis of all digitization projects. Year after year, the BSI situation report makes it clear that successful digitization of both the public sector and the economy makes cybersecurity indispensable.

We proclaim it like a mantra, but the fact remains: cyberattacks on companies can lead to loss of reputation and severe revenue losses, and for SMEs they can even threaten their very existence. When critical infrastructure companies such as hospitals are attacked, life and limb are at stake. In addition, every successful attack, whether on a city administration, a university or an e-commerce service provider, undermines citizens' confidence in the security of their data and digital services.

In the current report, it is clear that criminal extortion has increased rapidly in itself, but also in quality. It can be read, for example, that the malware used sometimes produced 553,000 new variants every day.

This is particularly dangerous because detection methods only ever exist for variants that are already known, and consequently cannot detect, identify and fend off new variants. In terms of hash value, each malware variant is unique.

For the current reporting period, so-called "big game hunting" has been clearly outlined, in which "financially strong victims" in particular were attacked, to whom particularly high ransom demands were made. For the German Federal Office for Information Security (BSI), this big game hunting is a subset of the cyber-criminal types of attacks that use ransomware to extort ransoms. In addition to the already known

1. encryption Trojans, which are used for ransomware, the BSI currently also reports of

2. double extortion, i.e. extorting money by threatening to reveal compromising information, and

3. racketeering under threat of Distributed Denial of Service (DDoS). This diversification has been adopted in many cases by outsourcing to specialized attack groups.

This cybercrime-as-a-service (CCaaS; cybercrime as a service) is already described by the BKA in its Bundeslagebild Cybercrime 2020.

Would you like to prepare and protect yourself against ransomware? We recommend our 10-point plan. Advantages of our Ransomware Protection Solutions

  • Comprehensive protection of your company's devices through a secure browser solution that includes a shielded virtualized browser for accessing external websites.
  • Web application firewalls prevent your websites from becoming a gateway for ransomware.
  • Essential prevention of uploading infected files by analyzing all uploaded files through our Enterprise Anti-Virus Engine (based on the WAF's ICAP protocol).

What questions do you have? Feel free to contact us.

Contact Us





我同意,在网站Imprint中提到的Rohde & Schwarz GmbH & Co. KG和罗德与施瓦茨实体及分支机构 可出于营销和广告之目的(例如提供特价优惠和折扣促销信息)而通过选定渠道(电子邮件或邮政信件)与我联系并提供相关信息,包括但不限于测试与测量、安全通信、监测与网络测试、广播电视与媒体以及网络安全领域的产品和解决方案相关信息


您可以随时发送电子邮件至 撤销此同意声明,邮件主题注明“Unsubscribe”即可。此外,我们发送给您的每一封电子邮件中都含有电子邮件取消订阅链接。有关个人数据使用和撤销程序的详情,请参阅“隐私声明”

An error has occurred, please try again later.