- Investigation Unveils: German Businesses Under Persistent Cyber Attacks from Chinese Cybercriminals
Annual financial losses due to cyber threats like theft, sabotage, and espionage for German businesses have reached an all-time high of approximately 267 billion euros, as per industry estimates. China has emerged as the primary source of such assaults on German corporations, according to a study conducted by Bitkom, published in Berlin.
In a survey involving over 1,000 firms across various sectors, 45% of the affected firms attributed the cyberattacks to China (2023: 42%). In recent times, attacks from Russia held the top position in the statistics, but this trend has changed dramatically. As of now, 39% of the targeted firms report attacks from Russia (2023: 46%).
These "tumultuous times"
The media reported in April that alleged hackers from the People's Republic had been spying on Volkswagen for years. Investigators revealed that the hackers desired Volkswagen's technological know-how. Bitkom President Ralf Wintergerst commented that the rising numbers demonstrate the "tumultuous and tense" nature of our times.
Hackers with malicious motives from Eastern Europe accounted for 32% of the cases, while the European Union (excluding Germany) was involved in 21% of the cases. Over a third of the targeted companies (36%) were unable to pinpoint the attackers' origin. About one-fifth of the attack victims (20%) assume the attack originated from Germany, while a quarter (25%) suspects the involvement of US-based hackers.
With regard to the regional origin of cyberattacks and the perpetrator circle, multiple possibilities were taken into account. This also accounted for instances where some companies were attacked from different regions repeatedly.
Criminals on the loose
The surveyed firms believed that organized crime was primarily responsible for the attacks (70%). They estimated that 20% of the attacks were orchestrated by foreign intelligence services. Last year, they identified secret services as the perpetrators in only 7% of cases. In 25% of the attacks, it was suspected that the actions were driven by revenge from current or former employees.
Bitkom's survey underscores the scope of the threat. Over eight out of ten German firms (81%) admitted to experiencing data theft, theft of IT equipment, industrial espionage, or sabotage in the last year. Another 10% suspect they have been targeted. Vice President of the Federal Office for the Protection of the Constitution Sinan Selen believes that even more companies have been attacked but simply remain unaware. "The missing 9% probably don't realize it. We must assume that nearly every company here is the target of an attack. Only some fail to recognize these attacks."
Digital and tangible harm
Cyberattacks on German companies are not solely confined to the digital realm but also extend to the real world. This includes theft of IT and telecommunications equipment, which affected 62% of the companies. 74% of the companies reported digital spying on their business data. Customers' data (62%), access data or passwords (35%), and intellectual property like patents and R&D information (26%) are frequently among the stolen data. General communication data like emails are most commonly targeted (63%).
Bitkom President Wintergerst suggested that companies should further strengthen their protective measures, encompassing both digital and traditional attacks such as eavesdropping on meetings or the theft of physical documents. Though erecting high protective barriers or severing ties with China presents significant challenges, Wintergerst acknowledged that it is necessary to address these concerns while maintaining global economic partnerships.
Constitutional Protection Deputy President Selen stated, "We should not erect barriers against China or halt cooperation and trade. It's about recognizing the opportunities as well as the risks. We must consider China as it is." The close link between state institutions and their local partners creates certain risks.
In light of these findings, some companies may consider implementing stricter security measures to protect against cyberattacks originating from 'Other' regions, as a significant number of firms (36%) remain unable to identify the attackers' origin.
Recognizing the increasing threat of cyberattacks, Bitkom President Wintergerst emphasized the need for companies to fortify their defenses against not only digital attacks but also traditional threats like eavesdropping or document theft, which can originate from 'Other' sources.