BKA situation report shows: cybercrime continues to rise

The number of cyberattacks in Germany continued to rise last year. Around 87,000 cases of cybercrime were recorded by the police, 1% more than the year before. An increase of around 5% (271,864 cases) was also recorded in the number of crimes in which the Internet was used as a means of committing a crime in 2018. This is according to the "Cybercrime" situation report published today by the Federal Criminal Police Office (BKA). The diversity of digital attack targets ensures that the total volume of malware detected also continues to rise.

Crime-as-a-Service

Cybercriminals do not necessarily have to create this malware themselves. According to the BKA, a large number of illegal offers are made against payment on marketplaces on the Clearnet, Deepweb and Darknet, for example to carry out attacks on company networks and websites or to have viruses programmed. This business model is called "crime-as-a-service," in which stolen data or anonymization services are sold in addition to malware.

One of these marketplaces was "Webstresser," a platform that specialized in carrying out so-called DDoS (distributed denial of service) attacks on websites on behalf of its customers. DDoS attacks aim to overload websites, servers and networks so that they are no longer accessible. With the help of "Webstresser", even laymen were able to carry out these attacks, according to the BKA. In April 2018, the site, which had been hosted in Frankfurt am Main, among other places, was taken offline as part of an internationally coordinated measure by several law enforcement agencies, in which the BKA was also involved. By this time, "Webstresser" had been used for over four million DDoS attacks worldwide. The site's administrator had been arrested and investigations had been launched against 250 users of the platform.

Actual damage over 100 billion euros

 According to the BKA, cybercrime caused more than 60 million euros in damage in 2018, a decrease of around 18% compared to the previous year (2017: 71.4 million euros). However, the figure only represents what has become known to the police, it said. The BKA speaks of an estimated damage to companies of more than 100 billion euros. Companies in particular would still report cases of cybercrime and associated material damage comparatively rarely. The fear of a loss of trust among partners and customers runs counter to the interest in having the crime prosecuted. Hackers are not only interested in companies' money. Spying on technological knowledge is also important to them.

Display has positive effect

The BKA advises both companies and private individuals to report every case of cybercrime. In addition, preventive security measures should be taken for devices and processes. The fact that this has a positive effect is shown by the example of phishing in online banking: in 2018, 723 cases were reported on the phenomenon of phishing, which corresponds to a decrease of almost 50% compared to the previous year. The declining numbers are due to the fact that banks have further developed their TAN procedures and closed security gaps, according to the report. Overall, however, the BKA expects the number of cybercrime cases to continue to rise in the coming years.

And organized crime?

Cybercrime is also important in connection with the fight against organized crime (OC). Last year, 13 of the total of 535 registered OC groups were recorded in the cybercrime sector (2017: 17 OC groups), according to the latest BKA situation report.

In terms of crime, there is no difference between individual perpetrators and loose networks. OC groups also commit the typical cybercrime offenses, ranging from computer fraud and attacks on online banking to the distribution of ransomware with the aim of digital extortion. (ots)

Further information is available in the current Federal Situation Report Cybercrime to find.