Organised crime increasingly attacks the German economy

  • 206 billion euros in damage per year due to data theft, espionage and sabotage 
  • Most attacks come from Russia and China 
  • Every second company feels its existence is threatened by cyber attacks

Berlin, 01 September 2023 - 206 billion euros in damage are caused to the German economy each year by theft of IT equipment and data as well as digital and analogue industrial espionage and sabotage. This means that the damage is above the 200 billion euro mark for the third time in a row (2022: 203 billion euros, 2021: 223 billion euros) and is levelling off at a very high level. These are the results of a study commissioned by Bitkom, for which more than 1,002 companies across all industries were representatively surveyed. Around three quarters (72 percent) of all companies have been affected by analogue and digital attacks in the past twelve months, and a further 8 percent suspect this without being able to prove such attacks beyond doubt. Compared to the previous year, with 84 and 9 percent respectively, the number of attacks has thus decreased slightly. However, the number of attacks attributed to organised crime has increased significantly: 61 percent of the affected companies attribute attacks to perpetrators from this area. A year ago, the share was 51 percent, two years ago only 29 percent.

At the same time, since the beginning of the Russian war of aggression on Ukraine, Russia and China have increasingly become the origin of attacks on the German economy. 46 percent of the affected companies were able to trace attacks back to Russia (2021: 23 percent), 42 percent were attacked from China (2021: 30 percent). For the first time, this puts Russia at the top of the list of countries from which attacks on the German economy originate. At the same time, three quarters of all companies (75 percent) believe that the threat posed by China to cyber security is underestimated. And 61 percent currently consider the security authorities powerless against cyberattacks from abroad.

"The German economy is a highly attractive target for criminals and states hostile to us. The boundaries between organised crime and state-controlled actors are blurred. The slight decrease in the number of companies affected is a positive sign and indicates that the protective measures are having an effect," says Bitkom President Dr Ralf Wintergerst. For the first time, a majority of 52 percent of companies feel that their existence is threatened by cyberattacks. A year ago, it was 45 percent, and two years ago only 9 percent. "The threat level remains high, so all companies must increase their IT security. At the same time, we must further expand cooperation between business and security authorities to prevent attacks and identify perpetrators." 

Vice President of the Federal Office for the Protection of the Constitution Sinan Selen said at the presentation of the study: "The results of the current Bitkom study fit seamlessly into our assessment of the situation. We are confronted with a persistently high threat from state and non-state cyber actors. Regional focal points are clearly recognisable. We see that state actors also make use of cyber actors and attack a high range of targets. These range from attacks on political institutions to the economy - from specialised small tech companies to large corporations - and also affect research institutions. Adversaries have staying power and are becoming more aggressive, professional and agile. Our response to this growing threat is to significantly strengthen cooperation with our partners, to quickly detect and react to detected attacks and to continuously adapt our defence mechanisms. Bitkom is making a valuable contribution with this study as part of this defence and hardening strategy."

Attacks on business increasingly digital 

Attacks on businesses have shifted further into the digital realm over the past twelve months. For example, 70 percent of businesses have been affected, or suspect they have been affected, by theft of sensitive data, an increase of 7 percentage points compared to the previous year. 61 percent report spying on digital communication (plus 4 percentage points) as well as the digital sabotage of systems or operational processes (plus 8 percentage points). On the other hand, analogue attacks are tending to decline: the theft of IT or telecommunication devices (67 percent, down 2 percentage points), the theft of sensitive physical documents or samples (35 percent, down 7 percentage points), eavesdropping on meetings or phone calls on site, for example with bugs (17 percent, down 11 percentage points), and physical sabotage (17 percent, down 5 percentage points).

Phishing is at the top of the list of cyber attacks with 31 percent (2022: 25 percent), followed by attacks on passwords (29 percent, 2022: 25 percent) and infection with malware (28 percent, 2022: 25 percent). Damage caused by ransomware has increased significantly, with around a quarter (23 percent) of companies reporting this. A year ago, it was only 12 percent. In contrast, damage from distributed denial of service (DDoS) attacks has declined, causing damage in only 12 percent of companies, compared to almost twice as many (21 percent) a year ago. 

Cyberattacks account for most of the damage 

Cyberattacks are now responsible for almost three quarters (72 per cent) of the total damage caused to the German economy by data theft, sabotage and industrial espionage - this corresponds to around 148 billion euros and is a significant increase on the previous year, when only 63 per cent, or around 128 billion euros, could be attributed to cyberattacks. "Digital attacks can be carried out from anywhere in the world. And the risk of being bothered by police or other law enforcement agencies is low or non-existent in many countries," Wintergerst said. "The trend towards attacks in the digital space will continue. German companies must at least bring their IT security up to the level that has long been standard for physical security on site."

Data theft: personal data comes into focus 

There is also a clear trend in data theft. A majority of the affected companies (56 percent) report that customer data was affected. In 2022, the share was only 45 percent, in 2021 it was 31 percent. The theft of employee data has also risen significantly, currently at 33 percent, up from 25 percent in 2022 and 17 percent in 2021. "When the personal data of third parties is stolen, the damaging effect often extends far beyond the company under attack and there can be considerable consequential damage to the individuals affected. And such an attack is usually particularly serious for the companies as well: they often expect fines and, in addition to the loss of reputation, there is a massive loss of trust among employees, customers or partners," says Wintergerst. Communication data such as emails continue to be stolen most frequently (62 percent, 2022: 68 percent). A quarter of the companies affected by data theft (23 percent) had access data or passwords stolen, 20 percent financial data and 17 percent intellectual property data such as patents or information from research and development.

8 out of 10 companies expect more cyber attacks on their company 

In the coming twelve months, the vast majority of companies (82 percent) expect an increase in cyber attacks on their own company. Of these, 54 percent even expect attacks to increase significantly, while 28 percent believe they will tend to increase. 15 percent expect the situation to remain unchanged - not a single one of the more than 1,000 companies surveyed anticipates a decrease in attacks. The vast majority of companies (97 percent) would therefore like the security authorities to provide better information about the cybersecurity situation, for example about known vulnerabilities. 84 percent are of the opinion that reporting cyber attacks should be mandatory not only for companies, but also for authorities and public institutions. At the same time, however, 80 percent complain that the bureaucratic effort involved in reporting cyber attacks is currently too high.

Companies allocate a larger share of their IT budget to cyber security 

In view of this threat situation, companies have increased their investments in IT security. On average, 14 percent of a company's IT budget currently goes to IT security, up from 9 percent last year. About one third of the companies (30 percent) allocate 20 percent or more of their IT budget to IT security, thus fulfilling the recommendation of Bitkom and the Federal Office for Information Security (BSI). 42 percent spend 10 to less than 20 percent, 16 percent 5 to less than 10 percent and every 20th company even less than 5 percent. Wintergerst: "Company management is increasingly realising that sustainable digitalisation can only succeed with professional security management. Digital transformation and IT security must go hand in hand."