BKA situation report: Ransomware remains the threat to public institutions and commercial enterprises
The Federal Criminal Police Office (BKA) presented its annual federal situation picture of cybercrime, which focuses on so-called offenses against information technology systems and is defined as cybercrime. In the reporting period 2020, the number of cybercrime offenses increased by 8.7% compared to the previous year. It is clear that "the Internet as a means of committing crimes" gained in importance in almost all areas - and will continue to increase in the course of digitalization.
The financial interest of attackers is highlighted in particular, which would affect economically strong enterprises in particular, but increasingly also public institutions such as hospitals and organizations from the KRITIS sector. According to the report, typical entry points continue to be spam via e-mail, phishing and the use of illegitimately obtained login credentials as well as zero-day exploits.
In the situation report, particular importance is attached to cybercrime-as-a-service (CCaaS), i.e. as a service that can be booked. This is a fact that we have already addressed, for example in the section "Ransomware operations as affiliates" of the article "DDoS - keep the threat on your radar". In this context, the situation report emphasizes that these attacks originate in particular from a community oriented towards financial gain, which sometimes commit complex attacks and crimes without having a dedicated cyber background.
It is further reported that an increase has been recorded in 2020, especially in terms of high-volume DDoS attacks - massive in the period March to August 2020.