Trending Topics Cybersecurity – May 2023

The top IT security topics in May

IT security trends

EY study: German companies assess risk of cyberattacks as high as never before

More than two-thirds (68 percent) of the 500 or so companies surveyed by EY rate the risk of becoming the target of a cyberattack as “rather high” to “very high.” Almost three-quarters (73 percent) fear attacks by organized crime, followed by attacks by hacktivists.

Europol: Germany records most ransomware attacks across Europe

According to Europol Executive Director Jürgen Ebner, German companies and institutions are most frequently attacked by ransomware gangs in an EU comparison. In a global comparison, Germany ranks fourth. According to Ebner, the amount of damage also continues to increase.

Municipalities increasingly targeted by cyber attackers

The number of attacks is on the rise, according to the Baden-Württemberg cybersecurity agency, and the risk they pose is generally considered high. Attackers usually exploit avoidable vulnerabilities and primarily pursue monetary interests with their attacks.

Cybercrime

DDoS attack cripple's Swedish parliament website

The attack originated from politically motivated hacktivists and was presumably connected with Sweden's planned accession to NATO. As a result, the parliament's website was temporarily unavailable and subsequently experienced limited performance.

Citizen services disrupted after suspected cyberattack on county in Baden-Württemberg

Due to the security incident, the Ludwigsburg District Office had to completely shut down its IT infrastructure. The vehicle registration office, the driver's license office, the immigration office and the job center were temporarily closed.

Attack on federal economic development agency

Germany Trade and Invest (GTAI) was only accessible to a limited extent as a result of the attack. E-mail and telephone services were down. The ransomware group Play claimed responsibility for the attack.

Federal IT service provider spied on by cybercriminals

According to a warning letter from the ITDZ Bund, attackers “very likely” succeeded in intercepting large volumes of e-mail communications at the affected service providers. The emails contained personal data as well as project information that could be used for targeted phishing attacks.

Car repair chain struggles with disruption after attack on IT infrastructure

According to ATU, the attack led to website downtime and restrictions on telephone communications. Some services were shut down as a precaution and were “not accessible or only accessible to a limited extent.” Card payments were also no longer possible.

Best practice, defense & mitigation

NIS-2: What companies need to know now

NIS-2 finally makes IT security a matter for the boss. For companies in Germany, the new EU directive means: stricter requirements, wider scope and more critical consequences.

Threat Assessment: Assess attack risk now and identify appropriate protection solutions

Assess your individual threat situation and your current level of protection to specifically optimize your application and network security – quickly and easily with the Myra Threat Assessment Card.

13 domains seized from illegal DDoS-for-hire services

The FBI, in cooperation with international law enforcement agencies, has once again seized domains from so-called booter services that criminals use for DDoS attacks. Ten of the 13 blocked domains belong to reissues of DDoS-for-hire services that were previously shut down in December 2022 as part of the “PowerOFF” action.

Darknet marketplace Monopoly Market: investigators arrest 288 suspects

Law enforcement agencies from nine countries have arrested 288 suspects who allegedly traded drugs on the illegal Monopoly Market trading platform. 52 people were arrested in Germany alone. In addition, €51 million in cash and cryptocurrencies were seized.

FBI requests $90 million budget for cybersecurity

The U.S. Federal Bureau of Investigation (FBI) has requested about $63.4 million in funding to fight cyber threats in 2024. Another $27.2 million will go toward improved protection of internal FBI networks.

Things to know

SSL/TLS termination: focus on compliance and trust

Protection and CDN service providers need to decode encrypted traffic to detect attacks and accelerate website content. Therefore, choosing a trusted service provider is crucial.

Success Story: Minimizing downtime for the Federal Ministry of Health

The German Federal Ministry of Health had to deal with downtime of its website due to sometimes unexpected traffic spikes and DDoS attacks. Thanks to Myra's GDPR-compliant protection and performance solutions, the ministry was able to minimize downtime.