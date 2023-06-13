Dhe latest emergency plan had to be triggered in Bad Homburg before the height at the beginning of the month. Deutsche Leasing has its headquarters there, just outside Frankfurt. The leasing subsidiary of the German savings banks started its emergency protocol after noticing a serious hacking attack on its computers.

Without further ado, she switched off all access to her systems. The company’s approximately 2,500 employees were asked not to come to the office early last week. Since then, Deutsche Leasing has been paralyzed. The company is working “together with external IT security consultants and the investigative authorities under high pressure to analyze the attack and secure traces”. said in a statement.

Deutsche Leasing has made its case public, and it could hardly have been kept secret after the request to the employees. But the vast majority of successful cyber attacks never come to light. Experts have suspected this for a long time.

But a representative survey by the TÜV association now reveals the extent of the unreported figures: more than every tenth company in Germany with more than ten employees was affected by an IT security incident last year. This includes successful cyber attacks and other security-related incidents such as acts of sabotage or hardware theft. This corresponds to more than 50,000 incidents.

How vulnerable the German economy is has so far remained largely hidden. According to the TÜV Cybersecurity study, more than eight out of ten companies choose to hide the successful attacks, in part for fear of ruining their reputation.

Only one in ten volunteers

Only eleven percent of companies that suffered a successful attack voluntarily informed the public. Another four percent had to make the incident public because they were legally obliged to do so. This is the case, among other things, when personal data is lost.

This means that there are victims of major hacker attacks, like the armaments company last year Rheinmetall, the German Press Agency or the ATU chain of car repair shops, for a minority whose attacks have become public. But also that Car rental company Sixtthe hotel company H-Hotels and the baby food manufacturer Hipp were affected.

“In addition to criminal hackers, state actors are stepping up their activities to obtain sensitive data, extort money or sabotage companies,” said Johannes Bussmann, President of the TÜV Association. In fact, the German economy is currently particularly threatened.

“Both the global political tensions and technological trends such as the spread of artificial intelligence pose a threat to the cyber security of companies in Germany,” said Bussmann. In particular, the war in Ukraine has greatly increased the risk of cyber attacks in the German economy.

Growing Danger

Companies seem to see it that way too. More than one in four companies assumes that there will be a serious IT security incident in their company within the next twelve months. In large companies with more than 250 employees, it is even 44 percent of the companies.

From the point of view of those surveyed, the greatest danger comes from organized cybercrime. Almost six out of ten companies name these organized hacker gangs first. A good four out of ten companies see state-organized industrial espionage or politically motivated actors as a major threat. And more than one in five companies is afraid of insiders, i.e. employees who have internal knowledge of the company and could exploit them in an attack.

The Federal Office for Information Security (BSI) also confirms that hacker gangs are among the greatest dangers. “Cyber ​​attacks with ransomware continue to pose the greatest threat to companies and organizations,” said BSI Vice President Gerhard Schabhüser.

Hackers gain access to computer networks and encrypt data in such a way that companies no longer have access to it. A ransom, usually in Bitcoin, is then demanded for decryption. In addition, there are increasing threats of the publication and sale of sensitive data. “Companies often pay to be able to work again quickly,” said TÜV President Bussmann.

AI further amplifies the threat

Hackers are also taking advantage of advances in artificial intelligence (AI). This applies in particular to the phishing attack method. Here, employees receive fake e-mails in order to steal passwords or inject malware.

According to the study, a phishing attack was successful in more than 60 percent of the companies affected. Generative AI, such as ChatGPT, gives hackers a new level of forgery. “There will soon be no more phishing mails that are easily recognizable due to errors or clumsy wording,” said the TÜV President.

But it’s not just the war in Ukraine that increases the risk of attacks. Also the trend towards mobile working, because the employer’s end devices are also used privately. Almost three quarters of the companies surveyed share this opinion. The reason is the use of less secure WLAN access at home or in public places. But the number of applications and thus the attack surface is also increasing with mobile working.

The damage from the attacks is great. The TÜV study does not mention a sum here. But more than four out of ten companies said they suffered financial losses. In addition, services for employees and customers are not available or even production has failed. Bussmann spoke of costs “in the tens of billions”. In a study by the digital association Bitkom from last August there was talk of annual costs of 203 billion euros for the German economy.

Every second company calls on the legislator to act to increase the requirements for corporate cybersecurity. Almost two-thirds even think that every company should be legally obliged to take appropriate measures for its cyber security. The TÜV association itself describes the specifications for product safety in the EU as a “decisive lever”.

The Cyber ​​Resilience Act aims to make digital security an integral part of all networked products. But he hasn’t said goodbye yet. “In view of increasing political and technological risks, the Cyber ​​Resilience Act should be able to take effect for cyber security as quickly as possible,” said TÜV President Bussmann.

