Sometimes it’s just a single email, derived from a criminal sender. Disguised as a photograph of the Christmas party, an attachment hangs on it, which an unsuspecting employee opens – and the office computer may say next: “Sorry, your data has been encrypted. Pay ransom now to free up your files. “
Not only individuals and politicians hit hacking attacks. In fact, incidents like these are now common in German companies. “Cyber-attacks there are actually every day,” said a spokesman for the Federal Office for Information Security (BSI) the FAZ “A company that has not yet recorded a cyber-attack, either not interesting enough or it just did not notice the attack.”
Attacks such as those described at the beginning are the most common. Almost a quarter of all German industrial companies, according to a survey by the digital association Bitkom According to the 2017 and 2018 an attack with so-called “Ransomware”, the files encrypted, or other malware experienced. Some kind of cyberattack has been experienced by almost every second company. “Ransomware is simply convenient for hackers,” says the BSI. Unlike other methods of attack, it requires little specific knowledge of the attacked company.
German SMEs are worthwhile goals
The German middle class is particularly interesting for hackers. Companies with between 100 and 500 employees are the most affected by attacks of any kind, according to Bitkom.
The specialty insurer Hiscox also calculated that cyber-attacks caused more damage to German SMEs than to American or British ones.
In isolated cases, cybercriminals have incurred damages of up to 5 million euros in a single case.
Nabil Alsabah, Head of IT Security at Bitkom, believes that local SMEs are interesting for hackers: “German SMEs have many innovations, for example in artificial intelligence and industry 4.0 – these are the areas in which one desperately seeks innovative solutions in contrast, large companies have the resources to invest in security measures, while these are often lacking in small and medium-sized enterprises.
110 billion euros damage
The reason that the number of hacker attacks is increasing sees Alsabah as more and more devices are networked – both at home in the “smart home” and in industrial production.
In addition, more and more digital work, so that more and more data is digitally accessible and therefore hackable. “The attack surface has increased,” says the expert.
According to Bitkom, data theft, industrial espionage or sabotage have caused more than € 43 billion in damage to German industrial companies over the past two years.
In the entire German economy, it was almost 110 billion euros in two years. The highest costs cause damage to the image of industrial companies. Because companies fear for their reputation, many cyber attacks are therefore not known.
Hackers do not pay
An unknown, but quite existent proportion of companies also pay blackmailers and hopes that the spook has an end to it. The BSI strongly disclaims this approach: “Any payment is too much, because it will boost the business model of the criminals.”
Instead, companies should consistently file a criminal complaint and make sure that the damage is not too great in case of emergency – for example, by regular backups.
Increasing attacks have created a lucrative market for companies offering digital security services. With IT security, EUR 4.4 billion is expected to be implemented in 2019, the Bitkom estimates. That would be 9 percent more than last year.
“Anyone who is currently starting to study, I can only guess: IT security,” says the BSI spokesman. “The market will definitely grow.”
On the other hand, the fact that the market is growing also shows that the companies have recognized the problem and are now investing in the area, says security expert Alsabah.
Therefore, hacker damage would not necessarily increase, even as the number of attacks continues to increase. “Personally, I’m a bit optimistic,” he says. “The media attention leads to the topic being slowly given the importance it deserves. We are on a good way in many ways. ”