Reading Time: .


Critical infrastructure facilities are attractive targets for attack
The incident vividly illustrates how digital attacks can cause very specific damage in the real world. Critical infrastructure, which also includes municipal administration, ensures the supply of essential goods to the public and thus our societal well-being. This makes critical infrastructure an attractive target for financially or politically motivated attackers, cyberterrorists, and hacktivists.
The danger of attacks on critical infrastructure is increasing, and smaller municipalities in Germany, in particular, are often not adequately protected. Evidence of this perilous trend is provided by the figures in the current BSI report “Die Lage der IT-Sicherheit in Deutschland 2020” (The state of IT security in Germany 2020 – available in German only), according to which there were a total of 252 reports in the area of critical infrastructure in 2019, compared to the previous year’s much lower figure of 145.
Number of DDoS attacks on the rise


The protection of critical infrastructure is essential
Consistent protection of critical infrastructure against cyber attacks is essential for our society. To achieve maximum IT security, existing protective measures must be continuously reviewed and updated to reflect the ever-changing threat situation. This is where specialized service providers can help with their experience and technological expertise. Particularly in the public sector, the highest level of trust and reliability is essential.
When outsourcing IT security in the public sector and in the area of critical infrastructure in general, certain criteria such as recognized certifications (e.g., ISO 27001 based on IT-Grundschutz (IT baseline protection)) must be observed. In addition, the provider should be qualified by the BSI for critical infrastructure and offer 24/7 full-service support from its own SOC. Only in this way can municipalities and other critical infrastructure facilities ensure in the long term that their digital processes are protected in the best possible way and that the public is reliably served.