Trending Topics Cybersecurity – September 2023

SECURITY INSIGHTS | October 02, 2023

Myra's monthly security highlights provide IT decision-makers and security professionals with the most relevant topics from the world of cybersecurity. Current trends, defense strategies and news on cyberattacks, attack campaigns and more can be found here in a clearly arranged format.

Organized crime is increasingly attacking the German economy. According to a recent survey by Germany's digital association Bitkom, 61 percent of affected companies attribute the cyberattacks they suffered to this group of perpetrators. In the previous year, the share was 51 percent, and two years ago it was 29 percent. Bitkom estimates the total annual damage to the German economy from data theft, espionage and sabotage at €206 billion (2022: €203 billion).

Politically motivated attacks on public authorities and critical infrastructures also continue to increase, as the Bavarian State Office for Information Security (LSI) notes in its recently presented annual report. In September, for example, DDoS attacks on the capital's portal, on Canadian airports, and on the stock exchange and banks in the Czech Republic led to numerous disruptions. Attackers do not even stop at non-profit organizations such as the children's charity Save the Children.

The top IT security topics in September

IT security trends

€206 billion in damage per year due to cyberattacks

The German economy suffers annual damage of €206 billion as a result of data theft, espionage and sabotage. This is the result of a study by Germany's digital association Bitkom. According to the study, every second company sees its existence threatened by cyberattacks. Most of the attacks are attributable to organized crime.

LSI annual report: more cyberattacks on authorities and companies in Bavaria

The Bavarian State Office for Information Security (LSI) has presented its annual report on cyber security. According to the report, the number of attacks on companies, public authorities and public institutions such as universities and research institutes continued to increase last year. The LSI observed an increase in politically motivated attacks like DDoS attacks on websites of public authorities or critical infrastructures.

Financial crime compliance costs $206 billion

Financial crime compliance costs are on the rise. According to a recent study by Forrester, 98 percent of all financial firms report an increasing burden. Globally, the cost is said to be $206 billion per year, with the EMEA economic region estimated to be the highest at $85 billion.


BaFin website crippled by DDoS attacks

Cybercriminals have sabotaged the website of Germany's Federal Financial Supervisory Authority (BaFin) using DDoS attacks. Despite the initiation of defensive measures, the website was barely accessible for several days. The supervisory authority's internal systems were reportedly not affected by the incident.

Cybercriminals attack humanitarian organization for children

Attackers have apparently gained access to the IT systems of the global child protection organization Save the Children. According to media reports, they stole 6.8 TBytes of data, including health and financial data. The case shows how unscrupulous cybercriminals are and that they do not even stop at non-profit organizations.

DDoS attacks on Czech banks and stock exchange

The cyber group NoName057 is said to be behind a DDoS attack campaign on several banks as well as the stock exchange in the Czech Republic.  Due to the attacks, the affected institutions experienced service problems, as their websites were only accessible to a limited extent. Customer funds were reportedly not lost as a result of the incident.

International Criminal Court apparently the target of a cyberattack

The International Criminal Court in The Hague, Netherlands, detected "anomalous activity" in its IT systems in mid-September. As a result, immediate action was taken to respond to the "cybersecurity incident," the court announced. The investigation involved local authorities as well as the national cybersecurity center, according to Reuters.

Canadian airports struggle with disruptions after DDoS attacks

DDoS attacks on the Canadian Border Services Agency (CBSA) have resulted in disruptions to border terminals and electronic gates at airports nationwide. Malfunctions of check-in kiosks caused hours of delays in checking in passengers. The group NoName057 claimed responsibility for the attacks.

Data theft: cybercriminals claim to have penetrated "all systems" of Sony

A new cybercrime group called RansomedVC says it has compromised all of Sony's systems and has stolen data. The attackers announced they would release the data unless Sony agreed to make a payment. They also plan to report the data loss as a GDPR violation. Their work is "in strict compliance with the GDPR and data protection laws," the group stated ironically.

DDoS attacks temporarily take down website of the state of Berlin

The capital city portal was the target of several DDoS attacks. As a result, the website was temporarily unavailable or only accessible to a limited extent. According to the Senate Chancellery, a data leak has not been detected so far.

Casino operators in the U.S. targeted by ransomware gang

Attackers gained access to the systems of US hotel and casino chains MGM Resort and Caesars Entertainment. They then blackmailed the companies by threatening to release the stolen customer data. While MGM Resort refused to pay, Caesars transferred $15 million to the extortionists.

Best Practice, Defense & Mitigation

Cyber crisis exercise for German financial industry

The cyber resilience of eleven financial companies and IT service providers was put to the test during a two-day exercise. The goal: to test their ability to cope with a potentially devastating cyber crisis. Also participating in the exercise, which was hosted by the German Federal Financial Supervisory Authority (BaFin), were the Bundesbank, the German Federal Ministry of Finance (BMF) and the German Federal Office for Information Security (BSI).

International law enforcement agencies shut down Qakbot network

The German Federal Criminal Police Office (BKA), in cooperation with the Attorney General's Office in Frankfurt am Main and U.S. law enforcement agencies, has completely taken over and seized the server infrastructure of the Qakbot malware operated in Germany. Qakbot is considered one of the most dangerous malicious programs in the world. It acts as a Trojan that injects additional malware onto the infected system.

Security compass published to support municipalities in cyber defense

The Stiftung Neue Verantwortung, together with the German Association of Cities, has developed a cybersecurity compass for municipalities. The interactive online directory includes information on responsible hotlines, warning and information services, financial support opportunities and training, among other things. The aim is to strengthen information security and resilience.

Things to know

What is the darknet?

All hidden online networks and services are subsumed under the term darknet. It is a part of the internet that can only be accessed via special client software and cannot be found using ordinary search engines such as Google, Bing, or DuckDuckGo.

Related articles