Cyber security agenda: how the federal government intends to upgrade the German cyber defence
In the paper, the ministry points out the increased threat: “The war in Ukraine makes it clear once again how essential cyber security is for a modern, highly technological and digitized industrial state like Germany.” This means that targeted attacks on critical infrastructure, companies or state structures could “massively and permanently impair the functionality of our community and our economy”.
Faeser wants to avert the dangers with various measures. According to the agenda, the resilience of federal authorities, other state and civil infrastructures and in particular the critical infrastructures against cyber attacks should be strengthened. This, like the modernization of the “cyber security architecture, digital consumer protection and ensuring the availability of trustworthy technology, cannot be postponed,” says the paper.
The minister’s plans envisage expanding the federal cyber security authority, the Federal Office for Information Security (BSI), into the central office for IT security and intensifying cooperation between the federal and state governments. “We are striving for a more efficient and clearer distribution of tasks in the cyber security architecture and dovetail all actors with each other in a meaningful way,” it says. Because averting danger is primarily a matter for the federal states, Faeser had already announced that he would aim to change the Basic Law this year.
Top jobs of the day
Find the best jobs now and
be notified by email.
Assessments by the BSI on the threat of cyber attacks also show that there is a need for action. As early as last autumn, a “red alert” had to be declared in parts, said the President of the Federal Office, Arne Schönbohm, recently at a cyber conference. After Russia invaded Ukraine, the situation continued to deteriorate, even if no centrally controlled campaign has been identified so far.
Particularly threatening: Attacks on IT supply chains
Figures from the Federal Criminal Police Office (BKA), which the authority presented at the presentation of the Federal Situation Report Cybercrime 2021, are also sobering. Last year, the police registered 146,363 offenses in the field of cybercrime nationwide – an increase of more than twelve percent compared to the previous year. A strong increase was observed in the area of ransomware and DDoS attacks in particular.
Ransomware is malware that restricts or prevents victims from accessing data and systems, for example by encrypting all hard drives. The attackers then demand a ransom for the decryption. In DDoS attacks (“distributed denial of service”), attackers try to paralyze servers with a flood of requests. Faeser’s cyber security agenda therefore envisages an increased fight against ransomware extortion. Specifically, the international cooperation of the BKA in the field of cybercrime is to be expanded.
Another, relatively new type of attack is considered to be particularly threatening, in which the attackers are targeting the IT supply chains of operators of critical infrastructures (KRITIS). These so-called supply chain attacks are initially aimed at software manufacturers. There, malicious code is built into the software, which is then delivered to customers, for example through an update.
>> Read also: Army supplies, cyber attacks, escape assistance – Ukrainian IT companies in the war against Putin
If the attack is successful, criminals can penetrate systems through self-created security gaps. In this way, for example, attackers used maintenance software from the company Solarwinds, presumably for espionage purposes, to get into computer networks of US government agencies, including the Treasury and Energy Departments.
The Federal Ministry of the Interior sees a high potential for damage in such attacks. “Dependencies of KRITIS operators on availability in the IT supply chains can quickly be of existential importance in the event of damage or a crisis,” says the cyber security agenda.
The “self-protection of the federal authorities” should also be strengthened
“In addition to the already required verification of the trustworthiness of manufacturers, the availability of resources such as software licenses, cloud services and maintenance services as well as spare parts (e.g. network components) should also be better ensured in future.” In order to be able to act quickly in the event of cyber security incidents, KRITIS operators should also be able to act quickly be connected “tightly” to the BSI situation center.
>> Read also: “Tool for attacks against its own customers”: BSI warns of Kaspersky virus protection
In view of the current worsening of the security situation in Europe, the Ministry of the Interior also considers a readjustment of the “self-protection of the federal authorities” to be urgently necessary. According to the agenda, Germany is facing a “continuously increasing threat situation in cyberspace”. “The federal government must immediately adapt the protective measures in its IT security architecture to the increased threat situation.”
According to the plan, a so-called Chief Information Security Officer (CISO Bund) will be appointed as part of a “Federal Cyber Security Reinforcement Program” and a “Competence Center for the Federal Government’s operational security advice” will be set up. There have been considerations about this for a long time.
The fight against cyber threats has been a priority for the government for many years. An initial cyber security strategy was presented in 2011 and updated in 2016. With its cyber security agenda, Faeser wants to further develop the cyber security strategy of the previous government. This strategy was adopted by the Federal Cabinet in September 2021 and was intended to set the framework until 2026.
More: Why Russian hackers could endanger the German energy infrastructure