Alarm level red had been reached in certain areas, BSI president Arne Schoenbohm said. Cybercriminals were increasingly professional in their methods, while society was increasingly networked digitally. Serious weaknesses in IT products were widespread, he said.
“Information security must be given considerably greater significance and become the basis for all digitization projects,” the report says.
Outgoing Interior Minister Horst Seehofer declined to respond directly on being asked whether the BSI, which falls within the Interior Ministry, should be upgraded to a full ministry under the incoming government as formal coalition talks were set to begin on Thursday.
Seehofer would only say that general security could not be separated from cybersecurity.
According to the BSI, criminals are now using multi-level attack strategies formerly used only in cyberespionage.
One method was for a malicious hacker engaged in negotiating a ransom from a victim to simultaneously launch an attack on a new system the victim was using to to continue business operations.
Another was for the hacker to publish stolen data on a so-called “leak page” to apply increased pressure.
The BSI pointed to an example where a psychotherapy practice was hacked, with individual patients then being subjected to pressure along with the owners of the practice itself.
The BSI put the number of new variants of malware at 144 million, up 22 per cent on the year. February this year saw 553,000 malware variants detected in a single day in a new record.