Trending Topics Cybersecurity – April 2025

The latest developments in the cyber threat landscape in Germany and Europe make it clear that digital sovereignty is not an abstract ideal, but a fundamental prerequisite for the resilience of the state, the economy, and society. Especially in geopolitically dynamic times, supply chain security, legal certainty, data protection, and availability are proving to be closely intertwined factors.  

IT law expert Prof. Dr. Dennis-Kenji Kipker emphasizes in the new Myra Minds podcast that digital sovereignty is much more than just a buzzword. Kipker stresses that decades of outsourcing and blind trust in global IT supply chains have made the European economy vulnerable – both politically and economically. According to Kipker, regaining digital sovereignty is essential to reduce such dependencies, strengthen resilience, and ensure compliance with European legal and data protection standards.  

DDoS attacks and hybrid threats

Meanwhile, a massive wave of DDoS attacks on German authorities and companies once again demonstrates the vulnerability of central digital infrastructures. Such attacks have long been part of a hybrid threat scenario that, according to the German Armed Forces, affects Germany on a daily basis. The attacks are not only aimed at technical systems, but also at the stability and trust in government and economic processes. 

The Top IT Security Topics in April

Wave of DDoS attacks hits websites of numerous German authorities and companies 

At the end of April, the websites of numerous authorities and companies in Germany were the target of a widespread attack campaign. The DDoS attacks, which temporarily paralyzed the website of the city of Nuremberg and the capital city portal berlin.de, among others, are believed to have been carried out by the pro-Russian group NoName057(16).  

Data protection officer warns against using cloud providers headquartered outside the EU 

The state data protection commissioner of Mecklenburg-Western Pomerania, Sebastian Schmidt, has warned authorities against using non-European cloud service providers. Administrations should not make themselves dependent on providers from third countries, as this jeopardizes both data protection in accordance with European standards and the long-term availability of services.  

Germany is the target of hybrid attacks every day 

The head of the Bundeswehr's state command in Baden-Württemberg, Captain Michael Giss, warns that Germany is the target of hybrid attacks from Russia every day, including cyberattacks on the administration, companies, and Deutsche Bahn, as well as unauthorized drone flights over military facilities. These activities are part of a strategy aimed at creating discord and dividing society.  

Digital awakening: Europe's path to sovereignty  

Europe and Germany are at a turning point in digital policy. Myra Security asked the Federal Commissioner for Data Protection and Freedom of Information (BfDI), Prof. Dr. Louisa Specht-Riemenschneider, how we can remain in control of our data and act confidently in accordance with unified European standards. 

Identifying and reducing risks from dependencies in the digital supply chain  

A lack of digital sovereignty jeopardizes the European economy and makes it vulnerable to political and economic blackmail. Prof. Dr. Dennis-Kenji Kipker describes how decades of outsourcing and blind trust in globalization have led to this crisis and emphasizes the need to regain digital sovereignty in order to strengthen independence and security in the digital world.  

Switzerland introduces mandatory reporting of cyberattacks on critical infrastructure 

Since April 1, 2025, operators of critical infrastructure and IT service providers must report cyberattacks to the Swiss Federal Office for Cyber Security (BACS) within 24 hours. The regulation strengthens national resilience and is aligned with the EU NIS 2 Directive. Sanctions will come into force in October 2025. 

ECB steps up focus on cybersecurity in the banking sector 

The European Central Bank (ECB) plans to step up its oversight of banks' cyber risk management in the current year, ECB President Christine Lagarde emphasized in the 2024 Annual Report on Banking Supervision. In view of increasing economic, geopolitical, and climate-related risks, ECB Chief Banking Supervisor Claudia Buch is calling on banks to adapt their risk management frameworks and prepare for negative scenarios.  

AI tools create exploit for critical SSH vulnerability 

The threat potential posed by AI models is growing rapidly. Recent research has revealed that the AI models ChatGPT and Claude provided exploits to abuse a critical security flaw in SSH shortly after it was disclosed. For security professionals, this underscores the urgency of implementing security updates promptly to prevent potential attacks. 

Access data of German politicians appears on the darknet  

The darknet has revealed the work email addresses and passwords of numerous German state parliamentarians, which were used for private accounts on online platforms such as LinkedIn and Dropbox. Members of parliament from Rhineland-Palatinate, North Rhine-Westphalia, and Saxony-Anhalt were particularly affected. The leaked data could be misused for targeted phishing campaigns. 

Locked Shields: NATO cyber security exercise

The NATO exercise “Locked Shields” brings together around 3,500 IT experts from 37 nations to train in defending critical infrastructure against cyber attacks in realistic scenarios. Defense Minister Boris Pistorius emphasizes the central importance of cybersecurity for Germany in light of increasing hybrid threats. Christof Klaus, Director of Global Network Defense at Myra, explains in the context of the exercise that Germany is technically well equipped to advance European cybersecurity, but that the issue must be given greater priority on the economic and political agenda.

SmokeLoader: Europol targets customers of cybercrime-as-a-service platform 

In a coordinated operation, Europol targeted customers of the SmokeLoader botnet, which is operated by an actor known as “Superstar,” conducting house searches, arrests, and issuing arrest warrants. These measures are part of Operation Endgame, which aims to combat demand for illegal malware services and reduce crime in cyberspace.  

“Digi-SOS”: North Rhine-Westphalia wants to support authorities in IT security incidents

The state of North Rhine-Westphalia (NRW) has launched “Digi-SOS,” an assistance program to support municipalities, state authorities, and other public institutions in the event of an attack on their IT infrastructures. “The new offering is a crucial building block in making digital administration in North Rhine-Westphalia more resilient to IT attacks,” emphasized Ina Scharrenbach, the state minister responsible.  

Secure and sovereign software supply chains: BSI and ZenDis present strategy paper 

The German Federal Office for Information Security (BSI) and the Center for Digital Sovereignty in Public Administration (ZenDiS) have jointly presented a strategy paper on the automated securing of software supply chains in public administration. The aim is to increase security through bundled expertise and standardized testing procedures and to replace reactive security approaches with preventive measures.  

Fight against cybercrime: Europol to be strengthened  

The EU Commission plans to transform Europol into an operational law enforcement agency. To this end, the European police authority, which supports EU member states in combating cybercrime, among other things, is to be given more powers and resources. A concrete proposal for the new mandate is expected next year and must be approved by the European Parliament and the Council of EU member states. 

“Myra Minds” – The new podcast for cyber resilience and digital responsibility 

In our podcast, we discuss the most important topics related to IT security, compliance, data protection, and cyber resilience. Host Christof Klaus, Director of Global Network Defense at Myra, joins experts from IT, business, and politics to shed light on current challenges, opportunities, and trends. 

How to detect and block AI bots  

AI-based bots and crawlers search the internet to extract content that is used to train large language models. With Myra's Web Application Firewall (WAF), you can block automated requests in a targeted manner.