BSI management report: BSI is preparing for technical security for new elections

BSI management report: BSI is preparing for technical security for new elections

BSI management report
BSI is preparing for technical security for new elections






The IT security situation in Germany is tense. It’s not just companies and municipalities that are affected. The BSI also sees challenges with a view to the early federal election.

Cyber ​​criminals active in Germany have professionalized their way of working and are technically up to date. The Federal Office for Information Security (BSI) is also currently presenting possible attacks on the federal election now planned for February – whether by hackers or as part of disinformation campaigns big challenges. “That’s close, we will do our utmost to secure this election process as best as possible,” said BSI President, Claudia Plattner, at the presentation of her authority’s management report for 2024 in Berlin with a view to the planned election date on March 23rd. February.

On the one hand, it is about the technical security of the electoral process. On the other hand, it is important to point out to voters “that not everything that is shared on social media on a massive scale, sometimes automatically, is always true.”

Successful work in elections is when you don’t notice anything

The BSI was “very, very successful” in this year’s elections, says Plattner. She adds: “How do you notice that? You didn’t notice. That’s exactly our success at this point.” Overall, the European elections went well. However, the use of artificial intelligence (AI) in disinformation campaigns would also open up new areas of work for the Federal Office that would have to be taken care of. When asked about the latest developments on the social media platform

In its current management report, the BSI states that an average of 309,000 new malware variants have recently become known every day, around a quarter more than in the previous reporting period.

More victims of ransomware attacks

According to the information, the number of suspected victims of so-called ransomware attacks increased significantly. The average ransom paid for stolen data reached a record level last year, but according to the BSI, it fell back to the level at the end of 2022 at the beginning of 2024. Ransomware refers to malicious programs that ensure that a user no longer has access to their data has.

The authors of the report, which maps the situation from July 1, 2023 to June 30 of this year, also point out that attackers sometimes have resources to detect so-called zero-day vulnerabilities for which there are not yet any There are “patches” (updates to close security gaps) so that data can be stolen even without the use of ransomware.

In addition to the already known phishing campaigns, in which cybercriminals trick users into thinking they are communicating with a bank, an increase in campaigns misusing the brand names of well-known streaming services was recorded in the reporting period, according to the BSI. Here too, the attackers aimed to access personal data, such as credit cards.

78 new software vulnerabilities per day

According to the management report, an average of 78 new vulnerabilities in software products were discovered every day in 2023. In particular, a large number of critical vulnerabilities in VPN software, firewalls and other systems for secure network connections have become known, the Federal Office reports. This is worrying, as the number of attacks on such systems continues to increase significantly.

But the report also contains two pieces of good news: During the period under review, prosecutors used internationally coordinated measures to successfully take action against several groups that had supplied other cybercriminals with ransomware in exchange for money.

And: 140 of 671 operators of so-called critical infrastructure have measurably improved the security management of their information systems in the past two years. Critical infrastructure includes facilities that are important for the functioning of the community, such as large energy suppliers, sewage treatment plants and local public transport.

dpa

Source: Stern

Leave a Reply

Your email address will not be published. Required fields are marked *

Latest Posts