IT Service Provider Leaders Experiencing Complex Cyber Assaults, According to BSI Head
BSI Urges Enhanced IT Security Investment in Response to Sophisticated Cyber Attacks
Germany's top cybersecurity body, the Federal Office for Information Security (BSI), has expressed concerns over the rise in complex and well-planned cyber attacks on IT service providers. Claudia Plattner, the BSI president, called for increased investments in IT security to protect critical infrastructure, particularly power plants and power grids.
Speaking to Funke media group newspapers, Plattner emphasized the growing attack surfaces for cybercriminals. She also pointed out that small, decentralized power plants and wind farms are less secure against external threats than large power plant operators. However, Germany's energy supply currently remains secure and stable, according to the BSI chief.
In the past, Germany has experienced intricate cyber attacks, such as those targeting IT service providers. Plattner characterized these attacks as well-planned and strategically complex. The BSI head made these remarks amid growing concerns over cybersecurity threats to critical infrastructure.
The growing digitization of the energy supply necessitates robust cybersecurity measures. According to Plattner, while protective measures and redundancies are in place, further investments in IT security are required. She highlighted that the protection of critical infrastructure has improved over the years, but more efforts are needed to ensure security in the digital age.
Recent cyber threats have shown an increase in the use of artificial intelligence (AI) in attacks. Cybercriminals are employing AI-generated malware and deepfake technology to deceive employees and financial institutions, making these threats highly sophisticated. Additionally, the manufacturing sector has also seen a surge in cybersecurity threats, with incidents like those at Smiths Group and IMI emphasizing the need for proactive cybersecurity measures.
Despite the BSI's discussions with software vendors like Crowdstrike and Microsoft regarding IT disruptions, specific strategies used by attackers remain undisclosed. It is essential to stay vigilant and monitor evolving cyber threats to protect critical infrastructure effectively.
The Commission, given the growing digitization of the energy supply and the increasing complexity of cyber threats, may need to be involved in the preparation of a draft law on the protection of the environment, specifically cybersecurity and technology, in relation to politics and general news, as the rise in sophisticated cyber attacks poses a significant threat to critical infrastructure. The Commission's motivation stems from the need to ensure the stability and security of power plants and power grids, especially as small, decentralized facilities are more vulnerable to external threats compared to larger operators.
