More than half the companies in Germany have been hit by spying, sabotage or data theft in the last two years, the German IT industry association Bitkom said on Friday, and estimated the attacks caused around 55 billion euros’ worth of damage a year.
Several high-profile attacks have occurred recently, such as the WannaCry ransomware attacks in May and a virus dubbed “NotPetya” that halted production at some companies for more than a week. Others lost millions of euros to organized crime in a scam called “CEO Fraud”.
Some 53 per cent of companies in Germany have been victims of industrial espionage, sabotage or data theft in the last two years, Bitkom found – up from 51 per cent in a 2015 study.
At the same time, the damage caused rose by 8 per cent to around 55 billion euros a year, the survey of 1,069 managers and people responsible for security in various sectors found.
Arne Schoenbohm, president of Germany’s BSI federal cyber agency, said many big companies and especially those operating critical infrastructure were generally well-prepared for cyber attacks. But many smaller and medium-sized companies did not take the threat seriously enough, he said.
“The high number of companies affected clearly shows that we still have work to do on cyber security in Germany,” he said in a statement on Friday.
The BSI urged companies in Europe’s largest economy to make information security a top priority and said all companies need to report serious IT security incidents, even if anonymously.
Schoenbohm told Reuters in an interview that hardware and software makers should do their part to shore up cyber security and patch weaknesses in software more quickly once identified.
“There’s still a lot of work to be done,” he said. “We have to be careful that we don’t focus solely on industry and computer users, but also look at the producers and quality management.”
Some 62 per cent of companies affected found those behind the attacks were either current or former employees. Forty-one per cent blamed competitors, customers, suppliers or service providers for the attacks, Bitkom said.
Foreign intelligence agencies were found to be responsible in 3 per cent of the cases, it said.
Twenty-one per cent believed hobby hackers were responsible while 7 per cent attributed attacks to organized crime.