Questions and answers
The situation is “tense to critical,” according to the BSI’s annual situation report. One potential danger stands out in particular: artificial intelligence. The most important findings at a glance.
What is the BSI?
The Federal Office for Information Security (BSI) was founded in 1991 and is responsible for Germany’s cybersecurity. It reports to the Federal Ministry of the Interior, headed by Nancy Faeser (SPD). Since its founding, the BSI has been responsible for protecting government networks, but it also monitors the threat that hacker attacks and malware pose to companies and private individuals. Its specialists develop binding security standards for federal authorities and operators of critical infrastructure (such as energy, transport and traffic). Once a year, the authority presents its analysis of the “IT security situation” in Germany.
What is the general state of Germany’s cybersecurity?
The situation is “tense to critical”, sometimes “worrying”. The “threat in cyberspace” is “higher than ever before,” says the situation report. Due to ongoing digitalization and increasing networking in all areas – whether in society, the economy or the state – the attack surfaces, some of which already exist, will become even larger.
The threat situation has grown particularly with software products, i.e. computer programs or mobile phone apps. The BSI is registering “more and more vulnerabilities” there, and the potential damage is increasing accordingly. These security gaps are often the first gateway for cybercriminals to infiltrate networks with malware.
“Small and medium-sized businesses and especially local governments and municipal businesses have been disproportionately attacked,” the officials note. The BSI warns that attacks are becoming increasingly difficult to recognize as such, and cybercrime has become more professional.
And in particular? What is the BSI most concerned about?
The biggest threat is and remains “ransomware,” the agency states. In the 2022 situation report, the BSI warned of digital blackmail attempts, in which attackers infiltrate networks in order to first access data and then encrypt it. They then demand a ransom from the victims for decryption. The theft is often combined with a threat to publish the data, most of which is sensitive. This is intended to increase the pressure.
The BSI is now observing a shift in attacks here: it is no longer just large and wealthy companies that are being targeted by criminals, but increasingly small and medium-sized companies as well. State institutions and municipalities are also more often targeted, often with a direct impact on citizens.
Municipalities of all types and sizes are affected. “The city or district administrations were often directly affected; however, local transport companies, municipal energy suppliers or housing associations, city cleaning companies and a school authority with responsibility for 75 schools were also attacked,” it says. In June 2022, after a “particularly far-reaching ransomware attack”, all town halls in an entire district as well as several municipal operations in an adjacent independent city, including local transport operations, had to be disconnected from the Internet.
What stands out in particular this year?
The BSI is now paying particular attention to artificial intelligence. While the topic played a smaller role in the last annual report, a separate chapter is now devoted to the potential risk of misuse through chatbots such as ChatGPT. Many scenarios are still phrased in the conditional, but the thought experiments make it clear what potential dangers the BSI sees in this technology of the future.
- The queries with which users feed an AI’s treasure trove of data could pose a threat: if these are incorrect or biased, the AI could also reproduce them in an incorrect or biased way. “This can concern statements about certain brands or products, but also, for example, evaluations of people, institutions or political tendencies, for example when models adopt tendentious statements from social media,” it says. In addition, this body of data could also be deliberately manipulated.
- Even if chatbots are trained not to give certain answers: “Attackers can bypass this behavior to misuse a model for attacks.” All that needs to be suggested is a certain context. “For example, hate messages or instructions on how to make bombs could be elicited from the model in response if one pretended to need this information as the basis for a warning article and to do good with it,” the BSI cites as an example.
- So-called “deep fakes” – manipulated images, videos and voices – would also increase in quality. For example, it is hardly possible for laypeople to distinguish the AI-generated voice of a politician from the original. The increasing real-time capability of these manipulations will mean that in the “foreseeable future” it will no longer be possible to be sure in online meetings whether you are talking to the real person or not.
In principle, the BSI states: Due to the now easy access to chatbots and other AI models, the number of potential attackers who misuse AI as a tool for criminal purposes could also grow. In the future, this could put a “heavy” strain on the capacity of the law enforcement authorities. The BSI therefore expects more cybercrime. Artificial intelligence offers new opportunities, but also new risks – and therefore represents an unprecedented challenge.
What role do the wars in Ukraine and the Middle East play?
In the last situation report, the Russian war of aggression on Ukraine – and its consequences for the IT security situation in Germany – was one of the central topics. According to the BSI, there are still a number of pro-Russian hacker attacks in this context, which are primarily aimed at the availability of Internet services and are intended to paralyze them through sheer volume. The good news, perhaps, is that the attacks registered have so far caused little to no lasting damage, although they have continued and intensified. The BSI classifies the attacks so far as propaganda, which is intended to cause uncertainty and undermine trust in the state.
The war against Israel plays practically no role in the report: it covers the period from June 1, 2022 to June 30, 2023, so the attack by the Palestinian terrorist organization Hamas (on October 7) and its possible effects on Germany’s cybersecurity are not taken into account.
What is the BSI’s conclusion?
It’s actually a truism: In a comprehensively networked society, there is no 100% security, according to the BSI. But it also describes the volatile situation: Due to the rapid development in areas such as artificial intelligence, the threat situation is characterized by a high degree of dynamism. That’s why “cyber resilience” is the “order of the day”. What this means: Resistance to potential attacks must be increased, the authority demands. For example, by having more qualified IT security experts on the “defense side” who can identify and close security gaps at an early stage.
Neither the state nor civil society is defenseless against the diverse threats, the report says, but they must take appropriate precautions in order to be able to mitigate the negative consequences even in the event of a successful attack.
Source: Stern
