
Trending Topics Cybersecurity – May 2025

SECURITY INSIGHTS | June 01, 2025

Myra's monthly security highlights provide IT managers and security experts with the most relevant topics from the world of cybersecurity. Current trends, defense strategies and reports on cyberattacks, attack campaigns and more are clearly presented here.

Trending Topics: Europe in the focus of cybercriminals

Experts from politics, science, and IT agree: reliable cyber resilience is based equally on security, availability, compliance, and sovereignty. In an interview with Myra, Prof. Dr. Dennis-Kenji Kipker clearly states that DDoS attacks are becoming a challenge not only from a technical perspective, but also increasingly from a regulatory and liability perspective: Companies must critically examine their digital supply chain and specifically rely on European providers in order to avoid compliance risks and loss of control, according to the cybersecurity expert. 

Dr. Reinhard Brandl, former digital policy spokesman for the CDU/CSU parliamentary group in the German Bundestag, makes a similar plea, calling for a “Buy European” strategy for the public sector to reduce dependence on non-European technology providers and secure control over sensitive data and critical infrastructure. 

US providers: Risks in the supply chain are real and urgent 

The case of Karim Khan, chief prosecutor of the International Court of Justice, shows how quickly transatlantic dependencies in the digital supply chain can become a pitfall. As a result of the sanctions imposed by Donald Trump against the Hague court, Microsoft has now blocked the 55-year-old Briton's email account without further ado. Peter Ganten, CEO of the Open Source Business Alliance (OSBA), aka the German Federal Association for Digital Sovereignty, sharply criticizes the US company's actions and warns: “We cannot rely on companies that are not under our jurisdiction.”

These developments make it clear that digital sovereignty is not an abstract goal, but an operational and social necessity to ensure cyber resilience even in times of growing cyber threats. 

The Top IT Security Topics in May

IT Security Trends

DDoS threat landscape: Companies must strengthen digital sovereignty and compliance  

In an interview with Myra Security, Prof. Dr. Dennis-Kenji Kipker warns of the increasing danger of politically motivated DDoS attacks and emphasizes that companies must keep an eye on significant compliance and liability risks in addition to technical defenses. He recommends switching the digital supply chain to European providers in order to minimize regulatory risks and secure control over business-critical data. 

Microsoft blocks email account of chief prosecutor at the International Criminal Court 

The blocking of the email account of the chief prosecutor at the International Criminal Court by Microsoft as a result of US sanctions highlights the serious dependence of European institutions on US technology companies and the resulting risks to the functioning and independence of key institutions. The Open Source Business Alliance (OSBA) therefore urgently calls for the establishment of independent, controllable IT infrastructures, as only digital sovereignty can prevent political decisions from abroad from blocking access to critical digital services.  

Privacy made in Europe: A plea for a “Buy European” strategy in the public sector 

Dr. Reinhard Brandl, member of the German Bundestag and former digital policy spokesman for the CDU/CSU parliamentary group, emphasizes in a guest article that the public sector in Europe should rely more on European IT providers to ensure digital sovereignty, data protection, and compliance with European values. A “Buy European” strategy is seen as a key lever for reducing dependence on non-European technology providers and securing control over sensitive data and critical infrastructure.  

BSI warns: Energy sector increasingly targeted by cyberattacks – uniform security standards called for 

In a position paper, the German Federal Office for Information Security (BSI) warns of a growing threat to energy companies from state-sponsored espionage, sabotage, extortion, and ideologically motivated attacks. In view of the risks posed by new technologies, supply chain attacks, and unknown vulnerabilities, the BSI is calling for uniform security requirements for all players in the energy sector and the expansion of supervisory and intervention rights in the event of cyber incidents.  

EU Commission urges implementation of NIS 2 

The European Commission has officially called on Germany and 18 other member states to fully implement the NIS 2 Directive on cybersecurity after the deadline expired in October 2024. If the states do not respond within two months and take appropriate measures, they face proceedings before the European Court of Justice. In Germany, implementation has recently been delayed due to early elections; the new federal government is now responsible for transposing the directive into German law.


Cybercrime

Cyberattack on US hospital network  

A ransomware attack has caused a widespread IT outage in a network of several medical centers in Ohio – Kettering Health. The affected facilities are facing significant technical difficulties as a result of the attack. One of the consequences is that emergency services are being diverted to other hospitals. 

Cyberattack on Marks & Spencer leads to significant losses  

British retail giant Marks & Spencer expects to lose up to £300 million (US$402 million) in profits due to a recent cyberattack that caused widespread operational and sales disruptions. Online sales systems remain disabled, and the company expects the disruptions to continue until at least July. 

Wave of DDoS attacks on banks: Myra protects financial institutions from massive attacks 

In May, German banks and financial service providers were the target of a coordinated wave of DDoS attacks in which cybercriminals used various attack methods such as Slowloris. The attacks also affected Myra customers, who were effectively defended thanks to our automated and multi-layered defense systems. The attacks lasted for more than 16 hours, with over 240 million requests being blocked by the protection systems – the availability of all affected financial services was ensured throughout.  

Data leak at Coinbase: Cyberattack leads to blackmail and disclosure of sensitive customer data 

The crypto exchange Coinbase was the target of a cyberattack in which attackers used bribed external employees to steal sensitive customer data and internal documents and are now blackmailing the company by threatening to publish this data. According to Coinbase, passwords and deposits are not affected, but customers have been informed, protective measures have been strengthened, and the financial damage is estimated at up to $400 million.

Adidas discloses data breach after service provider hack

Adidas has confirmed that a cyberattack on a service provider has led to a leak of customer data. According to the company, those affected are mainly people who have had contact with customer service. The attackers are not believed to have obtained passwords or credit card information. No further details on the nature or extent of the attack have been disclosed.

Cyberattack on major dairy company Arla 

A cyberattack has hit the German plant of major dairy company Arla, leading to significant supply bottlenecks. As a result of the attack, the systems had to be restarted step by step. Overall, product deliveries were delayed, and some orders may have been canceled entirely.

Hacker attack on BVG: data of 180,000 customers affected 

In a hacker attack on a service provider of the Berlin Transport Authority (BVG) in April, personal data of around 180,000 customers was stolen, including names, addresses, and email addresses, but no bank details or passwords. Although no misuse of the data has been detected so far, members of parliament criticized the late notification of those affected and accused the service provider of a lack of transparency.  

Best Practice, Defense & Mitigation

EU launches its own vulnerability database, EUVD  

With the European Union Vulnerability Database (EUVD), the EU now has its own central platform for recording and assessing IT security vulnerabilities. Operated by the cybersecurity agency ENISA, it systematically documents critical vulnerabilities, their exploitation, and available updates. The EUVD complements the previously dominant US CVE system, strengthens Europe's digital sovereignty, and helps companies comply more efficiently with regulatory requirements such as the NIS 2 Directive.

Operation Endgame 2.0: International action against malware networks

International security agencies have successfully taken down several leading malware networks as part of “Operation Endgame.” According to the German Federal Criminal Police Office (BKA), a total of 37 cybercriminals were identified, 20 international arrest warrants were issued, and around 300 servers and 650 domains were shut down. Investigators also seized cryptocurrency worth around €3.5 million.

Federal Network Agency publishes drafts for new IT security catalogs in the energy sector 

The German Federal Network Agency has presented revised drafts for its IT security catalogs, which are intended to help operators of electricity and gas networks and energy facilities adapt to current technological developments and threat situations. The two previously separate catalogs will be merged, aligned more closely with ISO/IEC 27001, and designed to better secure the energy supply through process-oriented information security management with regular risk analyses and audits.  

Things to know

Cybersecurity as the key to Europe's digital sovereignty  

Minister of State Dr. Florian Herrmann visited the Myra headquarters in Munich in May and emphasized the central role of Bavarian cybersecurity solutions for the protection of critical infrastructures and Europe's digital independence. The visit focused on discussing the importance of independent, trustworthy IT infrastructures, touring the Security Operations Center (SOC), and the need to strengthen digital sovereignty in Bavaria, Germany, and Europe in the long term through research partnerships and the promotion of local providers. 

About the author

Stefan Bordel

Senior Editor

Stefan Bordel has been working as an editor and technical writer at Myra Security since 2020. In this role, he is responsible for creating and maintaining website content, reports, whitepapers, social media content and documentation. This role allows him to bring his extensive experience in IT journalism and technical knowledge to an innovative cyber security company. Stefan previously worked at Ebner Verlag (formerly Neue Mediengesellschaft Ulm) for 7 years and joined the online editorial team at com! professional after working for Telecom Handel. He gained his first journalistic experience during various internships, including at the IT website Chip Online. As a passionate Linux user, he follows the IT scene closely, both privately and professionally.
