High level of cybercrime: 90 percent of companies are demanding more police powers
Cyber crime remains at a high level in Germany. Last year, the police registered 136,865 cases of cybercrime, 6.5 percent fewer than in 2021. However, this does not exactly reflect the development. Because at the same time, the number of cyber crimes committed from abroad and causing damage in Germany increased by eight percent compared to the previous year. This emerges from the Federal Situation Report Cybercrime 2022, which the Federal Criminal Police Office (BKA) published on Wednesday.
The clear-up rate for cybercrime in Germany is around 29 percent at the level of the previous year, while abroad it is significantly lower in the lower single digits.
Amounts of damage caused by ransomware have fallen significantly
According to the special evaluation of the police crime statistics (PKS), enriched by various external sources, cyber crime is still one of the phenomena with the highest potential for damage in Germany. According to the 2022 economic protection report by the IT association Bitkom, cybercrime damage in Germany amounted to 203 billion euros. That is significantly less than 2021 with a record value of 223 billion euros. In particular, the amount of damage caused by blackmail with stolen or encrypted data has fallen from 24 to 11 billion euros. Nevertheless, the total number is still around twice as high as in 2019.
The federal situation report focuses on offenses directed against the Internet and IT systems – so-called cybercrime in the narrower sense. Criminal offenses that are committed with the use of IT and where the Internet is primarily the means of crime are left out.
Cybercrime: Unreported cases are estimated at up to 90 percent
The BKA explains the declining development of the relevant number of cases in Germany with the easing of the corona protection measures: While the sharp increase in online trade and mobile work in previous years offered additional opportunities for cyber criminals to attack, in 2022 parts of the crime scene shifted back to the analogue world.
The PKS only shows the bright field of the crimes registered by the police, BKA Vice President Martina Link pointed out when presenting the report in Wiesbaden. The number of unreported cases of cybercrime is estimated at up to 90 percent, so the investigators only find out about ten percent of the crimes. Cybercrime has developed “into an industry”. The perpetrators constantly adapted to technical and social developments. “Cybercrime as a service” plays an important role here: even criminals who do not have their own hacking skills can use such offers to acquire the necessary tools on the dark web.
Ransomware has the greatest potential for damage – thanks to AI
Ransomware still has the greatest potential for damage, Link reported. Encryption Trojans are often played on the victims’ computers via phishing sites. These attacks “are becoming increasingly persuasive and more targeted.” The development of artificial intelligence (AI) with generally available services such as ChatGPT apparently also plays an important role. In 2022, at least one German company was attacked with the appropriate malware every day. Since the end of 2022, the education and research sectors have been increasingly targeted.
The BKA lists LockBit, Phobos, Deadbolt, BlackCat, AlphV and Hive as the top 5 ransomware. It compares the division of labor within a cybercrime group with the structure of a medium-sized company with around 30 to 100 employees. Established gangs such as LockBit, BlackBasta and Conti often also operate “Dedicated Leak Sites” (DLS) on the Darknet in order to publish previously captured data of the victims in the event of non-payment (“Double Extortion”). Evaluations of large DLS showed that 137 companies based in Germany were blackmailed in 2022. The Federal Republic was the third most affected country after the USA and Great Britain.
DDoS attacks less frequently – but at critical levels much earlier
The situation picture also shows, among other things, numerous overload attacks on institutions in Germany. Corresponding DDoS attacks occur quantitatively less at around 2172 per month and last shorter at an average of 53 minutes, but reach a critical level much earlier: the average bandwidth peak was 2.9 GBit/s. Above all, hacktivists from Russia, for example, showed solidarity with warring parties and primarily relied on DDoS attacks, explained Link. These, too, would have led to considerable damage in Germany. Digital attacks on ATMs, on the other hand, have fallen sharply in Germany. According to the report, most of these now have the latest firmware, which makes jackpotting attacks more difficult.
According to an accompanying company survey by Bitkom, 63 percent of those surveyed expect a cyber attack in the next 12 months, but only 43 percent see themselves well prepared for it. At the same time, 48 percent fear that their existence could be threatened in the event of a successful cyber attack. 91 percent therefore call for better equipment for law enforcement agencies, and 90 percent for more powers for the police. 80 percent assume that investigators still lack the necessary skills in the field of cybercrime. Just as many advocate the use of new technologies such as AI by the police.
International law enforcement problematic
Above all, the high proportion of crimes committed abroad pose “great challenges” to the authorities, the BKA concedes. In the digital world, suitable investigative approaches for identifying perpetrators are often lacking. At the same time, legal hurdles and a lack of willingness to cooperate abroad could in some cases even completely prevent criminal prosecution. This gives cybercriminals a safe haven.
In order to comprehensively combat cybercrime, the BKA therefore wants to focus more on breaking up criminal infrastructures. The “takedown” of the Darknet platform Hydra Market, the shutdown of DDoS booter services through Operation Power Off and the dismantling of Emotet show that it is usually not possible to start up again in the short term and is very “expensive” for the perpetrators . In addition, there is access to the illegal profits of the gangs. The successful access to the server infrastructure of the Bitcoin mixer Chipmixer in March brought both elements together.
“Responsibility for Security”
The authority sees itself confirmed with the first figures after the introduction of the new criminal offense of operating criminal trading platforms on the Internet with Section 127 of the Criminal Code (StGB). What is remarkable about the data is that ten of the 13 registered cases could be cleared up, which corresponds to a rate of 76.9 percent.
Link called for the BKA to also create “responsibility for averting danger,” which is being discussed under the heading of the controversial hackbacks. BKA boss Holger Münch announced that he would increase the number of jobs massively and fill hundreds of new jobs. The domestic policy spokesman for the FDP parliamentary group, Manuel Höferlin, emphasized that the traffic light coalition is driving forward the structural restructuring of the IT security architecture. It will adapt the cyber security strategy and IT security law and expand the Federal Office for Information Security (BSI) into a central and independent body. Bitkom President Ralf Wintergerst called for training on all sides. Companies should draw up an emergency plan if hard drives are “locked up” and IT systems can no longer be used for production.
Go to home page
#High #level #cybercrime #percent #companies #demanding #police #powers