Dhe evil resides in Russia. At least that’s what the IT managers at Germany’s companies believe. According to the current data theft study by the consulting firm EY, an impressive 74 percent of the 509 IT managers surveyed are currently taking precautions cyber attacks from Russia.
For comparison: In the last survey in 2021, 56 percent saw a potential risk there, compared to 31 percent two years earlier.
And this rate of increase is no accident. “In past years have Cyber attacksthat were tolerated by the state or even supported by countries,” says Bodo Meseke, partner at EY and head of the Cyber Response Services department there.
And Russia does indeed play a central role in this. However, Meseke cannot say whether the attackers are actually based in Russia or come from there.
“It’s also possible that they only use the Russian IT infrastructure.” Technically, that’s possible. “But one thing is certain: the country is considered a safe haven for hackers.” There is no fear of criminal prosecution there.
However, German IT managers are not only aware of Russia as the place of origin for cyber attacks. 59 percent also perceive China as a threat. A value that has not changed since the last survey.
North Korea, the USA and India follow at a great distance. “Certainly, these answers are also influenced by the current geopolitical situation and the sometimes subjective perception of the threat,” says Meseke.
According to the EY study, a certain trend can certainly be seen on the basis of concrete incidents, which also speaks of a “continuous digital arms race with criminals, hacktivists and even foreign secret services”. “And these groups often have very significant technical and financial resources.”
Concerns are therefore increasing in Germany’s companies. At least the executives entrusted with the topic estimate the risk of digital attacks as high as never before since the surveys began in 2011.
IT leaders are alarmed
68 percent rate the danger as “rather high” or even “very high”. Technology, media and telecommunications companies are particularly alarmed, followed by the pharmaceutical and healthcare industries and car manufacturers.
How often perpetrators got through often remains vague. Because many companies shy away from going to the authorities and/or the public for fear of a loss of image.
But one thing is clear: the focus is no longer just on large companies. “Medium-sized companies in Germany are increasingly being targeted,” says Thomas Koch, head of the Digital Forensics & Incident Response department at EY in Germany.
Because attacks would often be automated. And medium-sized companies in particular are falling victim to this watering can principle, because companies believe that they are not an attractive target and are therefore poorly prepared.
The damage is considerable, as shown by a study commissioned by the digital association Bitkom from autumn 2022. The consequences of theft of IT equipment and data, espionage and sabotage are estimated at 203 billion euros – annually.
For comparison: in 2018/2019 the corresponding value was still a good 100 billion euros. This significant leap apparently also has something to do with the establishment of home office work. “As a result, the attack surface has increased significantly,” says EY expert Koch.
Every third company not adequately protected
Forensic scientists consider that the fact that companies are recognizing the danger and that awareness has increased there is a great step forward. Unfortunately, it still does not mean that the danger is also combated accordingly.
According to the data theft study, one in three respondents still says that their own company is not adequately protected against digital attacks with phishing emails or malware, among other things. And that is even a higher value than in the surveys of recent years.
Cyber attacks can start with a single email and the malware hidden in it can paralyze entire departments or even entire corporations.
At the same time, not even half of the companies surveyed have insurance against such attacks. According to Meseke, the latter can also be due to increasingly expensive and unattractive offers from the insurance industry.
But regardless of that, you have to be prepared in principle, for example with the most precise possible crisis plans, which should also be practiced regularly. Because the danger doesn’t get any smaller.
“Ramsomware, so a Blackmail Trojans, is a working business model. Hackers will not give that up.” Money is then asked for twice: firstly for the decryption of blocked IT systems and secondly for the repurchase of stolen data.
“Everything on shares” is the daily stock exchange shot from the WELT business editorial team. Every morning from 5 a.m. with the financial journalists from WELT. For stock market experts and beginners. Subscribe to the podcast at Spotify, Apple Podcast, Amazon Music and Deezer. Or directly by RSS-Feed.