Why cybercrime is causing record losses for German companies

Criminals have become increasingly sophisticated and it appears to be paying off. Criminal attacks on companies throughout Germany, according to their own estimates, have cost German companies an annual $113.97 billion.

The digital association Bitkom, which presented a corresponding survey in Berlin, spoke of “record losses”. The damage caused by “analog and digital” attacks is almost twice as high as it was two years ago. Back then, the industry association still assumed $60.95 billion in losses a year.

“The scope and caliber of the attacks on German companies have increased dramatically,” explained Bitkom President Achim Berg. He presented the results of the survey to more than a thousand business representatives, together with Vice Constitutional Protection Chief Michael Niemeier.

Cybercrime in the “analog” world

Three-quarters of the companies surveyed were affected by attacks in the two years prior to the survey period (end of April to mid-June 2019). An additional 13% suspect that they were also attacked during this time. 

According to the estimates of those affected, these attacks also caused more damage than before. According to the survey, sensitive digital data and information have been stolen from around 1 in 5 companies. A further 17% of these companies reported “digital sabotage”.

But there are still attacks in the physical world. Almost a third of those surveyed had their IT or telecommunications equipment stolen. Almost one in six were stolen physical documents, samples, machines, components or the like.

“The approach of these attacks is hard to predict,” Berg said. In large tenders, competitors tried to find out details about bids. Information about patents or new developments is also in great demand.

Manipulation also plays an important role, in which informers deceive employees in order to gain access to sensitive data. 1 in 5 companies have experienced these sorts of attacks in the real world, and 1 in 6 in the digital world.

The perpetrators are former colleagues or hobby hackers

According to the respondents, in one-third of the cases the perpetrators of these cyber crimes are former colleagues who acted intentionally. In 38% of the cases, they suspected private individuals such as hobby hackers.

One-fifth of the cybercrimes are attributed to competing companies, another fifth to organized crime. 12% of the respondents suspect that foreign intelligence services were behind the attacks. A significant increase in the last survey in 2017, when the figure was 3%.

“You have to take that with a grain of salt, as these are the self-assessments made by the companies,” said Vice-Constitutional Protection Chief Niemeier about the perceived trend. “But I think the trend is right.

In most cases, the companies became aware of the attacks through information from their own ranks. “Well-trained employees are the most effective protection,” said Berg. Training can also significantly reduce the risk of spying emails (phishing).

Nevertheless, the vast majority of respondents are skeptical about the future: the vast majority expect an increase in cyber attacks.

New methods are needed to protect consumers and companies against cybercrime

Companies are being forced to adapt to this new reality as cybercrime grows. For example, sports prediction apps like Probet have to implement cutting edge security in order to protect the identities of its users and ordinary companies have to do the same.

Technical solutions will only go so far and the first line of defense is always the employee. By training employees to identify and report phishing emails, companies are able to ensure that they don’t get caught by surprise. It’s also very important to conduct regular “readiness drills” to keep staff ready for attacks.

__

(Featured image by Markus Spiske via Unsplash)

First published in STIMME, a third-party contributor translated and adapted the article from the original. In case of discrepancy, the original will prevail.

Although we made reasonable efforts to provide accurate translations, some parts may be incorrect. Born2Invest assumes no responsibility for errors, omissions or ambiguities in the translations provided on this website. Any person or entity relying on translated content does so at their own risk. Born2Invest is not responsible for losses caused by such reliance on the accuracy or reliability of translated information. If you wish to report an error or inaccuracy in the translation, we encourage you to contact us.