Applicant's proposed data remains uncommunicated to the Commission, as no pertinent details have been received.
The 2022 BSI (Federal Office for Information Security) report on IT security in Germany reveals that the threat situation in the cyber space was higher than ever before, with a 10% increase in software and hardware vulnerabilities and an escalation in various types of cyber attacks.
In the report, approximately 12 operating Advanced Persistent Threat (APT) groups in Germany were named, focusing on valuable "Made in Germany" key technologies, authorities, and diplomatic representations of individual states. The main threat vectors identified were ransomware attacks, especially on companies, and Distributed-Denial-of-Service (DDoS) attacks, which are increasing with cybercriminals using "technically advanced and strategically intelligent" methods.
Ransomware attacks on large, revenue-generating companies, known as Big Game Hunting, have seen a significant increase during the observed period. The goal of these attacks is to gain access to local or networked data and systems. Notably, both ransom payments reported by IT service providers and the number of victims whose data was published due to non-payment have continued to rise.
The BSI report recommends several measures to successfully defend against ransomware attacks. These include building a Zero-Trust architecture, network segmentation, tightly managed permission systems, internal authentications for users and applications, and encrypted backups and snapshots. Additionally, DNS filtering is suggested to detect ongoing ransomware attacks, with Blue Shield Umbrella by Blue Shield Security being an example of an effective DNS filter.
The use of intelligent sandbox environments such as the OPSWAT Sandbox is recommended to quickly respond to changed and intelligent malware strategies. OPSWAT's Anti-Malware Multiscanner MetaDefender Core scans in parallel with up to 34 AV engines to achieve high detection rates. The modular security solutions of security specialist OPSWAT fully embrace the Zero-Trust security approach.
MetaAccess NAC, an integrated platform, offers an extended approach to Patch Management, including user authentication and endpoint security. It combines device recognition, user authentication, and grants access based on success in compliance security checks.
The number of new malware and malware variants has increased by approximately 116.6 million in the current reporting period, with an average of around 319,000 new malware variants per day. Link11 recorded an increase of around 41% in DDoS attacks in 2021 compared to the previous year.
While there have been minor incidents and manageable hacktivism campaigns in Germany related to Russia's attack on Ukraine, a broad, strategically oriented cyber-attack wave against explicit German targets was not detected. ProSoft recommends Patch Management and Endpoint Protection as critical security measures.
In a positive development, the BSI launched an online vulnerability reporting form, resulting in 139 reports, an increase of over 400% compared to the previous year. This initiative underscores the BSI's commitment to enhancing cybersecurity in Germany.
As the cyber threat landscape continues to evolve, it is crucial for organisations to stay vigilant and implement robust security measures to protect their assets and data. The 2022 BSI report serves as a valuable resource for understanding the current threat landscape and developing effective cybersecurity strategies.
