Cybersecurity situation is tense to critical
11/03/2023
Source: Energy & Management Powernews
The Federal Office for Information Security has presented its annual status report on cyber security in Germany. It warns of a wide range of dangers.
The German government's National Security Strategy was adopted in June 2023. Claudia Plattner sees the fact that the word "cyber" appears 62 times in the document as an indication of the importance of cyber security for Germany's comprehensive security. However, with the ongoing digitalization and increasing networking in the state, economy and society, the attack surfaces are increasing, says the President of the Federal Office for Information Security (BSI) in the foreword to the current report on the state of IT security in Germany. The situation is "tense to critical".
In the reporting period, which runs from July 2022 to June 2023, the BSI registered an average of 250,000 new malware variants every day. Looking at the individual months, the average daily increase last June stood out with 332,000 variants.
Critical infrastructure operators ("KRITIS") are particularly targeted by cyber criminals. In the reporting period, which runs from July 2022 to June 2023, 99 reports came from the energy sector. Only the healthcare sector (132 reports) and the transport and traffic sector (111 reports) were more affected. However, according to the BSI, some operators of critical infrastructure also reported incidents that were below the legal reporting threshold.
Systems for the early detection of attacks mandatory since 1 May
According to Section 8b of the BSI Act, KRITIS operators are obliged to report "immediately" to the authority in the event of
- "disruptions to the availability, integrity, authenticity and confidentiality of their information technology systems, components or processes that have led to a failure or to a significant impairment of the functionality of the critical infrastructures they operate" or in the event of
- "significant disruptions to the availability, integrity, authenticity and confidentiality of their information technology systems, components or processes that could lead to a failure or significant impairment of the functionality of the critical infrastructures they operate".
The BSI expressly points out that even if IT services are outsourced, the security responsibility remains with the critical infrastructure operator. However, during audits of companies, it has repeatedly found that the relationships between operators and service providers were structured in such a way that the operators could not have guaranteed adequate IT protection. "There is also often no risk assessment of the service provider relationship. As a result, it is sometimes unclear who assumes which part of the operator responsibility and whether the measures taken are actually sufficient," the report states.
Since May 1, 2023, the energy industry has been subject to a further obligation based on the IT Security Act and Section 11 of the Energy Industry Act (EnWG). According to this, "operators of energy supply networks and energy systems that are considered critical infrastructure in accordance with the legal ordinance pursuant to Section 10 (1) of the BSI Act" must prove to the BSI from this date that they have implemented "appropriate" systems and processes for attack detection that are "state of the art" and meet certain requirements. For example, these must be able to continuously identify or prevent threats and rectify any faults that occur.
The BSI is convinced that an effective attack detection system offers additional protection, especially against the threat of ransomware. This is because the systems are able to detect an attacker who has already hacked into the network but has not yet started encryption.
Greatest threat from ransomware
The BSI also considers the potential danger from ransomware, i.e. encryption software used to extort a "ransom", to be the most threatening of the possible types of attack. Phishing emails are also frequently used by cyber criminals.
The BSI points out that AI language models are expected to lead to even more phishing emails in the future, which contain fewer spelling and grammatical errors and are therefore more difficult to detect. In particular, messages disguised as emails from energy suppliers, consumer advice centers and other contact points for end customers are becoming increasingly common. These contain, for example, subject lines such as "Secure energy flat rate now".
In the 96-page situation report, the BSI explains the typical processes of cyber attacks, but also what support the authority can provide to prevent or eliminate threats. It also explains so-called APT attacks, which are carried out not for criminal gain but to obtain information in preparation for acts of sabotage.
The report "The state of IT security in Germany in 2023" is available to download from the BSI website.
Author: Fritz Wilhelm