Software

Bitkom: More than half of companies fall victim to ransomware attacks

September 4, 2024. Ransomware has become a lucrative line of business for cyber criminals in Germany. In the past twelve months, 6 out of 10 companies (60%) have been attacked in this way, 29% have suffered no damage as a result, while 31% have suffered damage – for example through loss of production, costs for IT service providers or payments to the perpetrators. Around one in eight affected companies (12%) responded to the financial demands. Three quarters (76%) state that they have not paid anything to the criminals, while 12% are unwilling or unable to provide any information. These are the results of a study commissioned by the digital association Bitkom, for which more than 1,000 companies were surveyed on a representative basis.

Symbolic image data security / pixabay cliff1126

Tags

Data Security, Digitization, IT, Resilience

Contact info

Silicon Saxony

Marketing, Kommunikation und Öffentlichkeitsarbeit

Manfred-von-Ardenne-Ring 20 F

Telefon: +49 351 8925 886

Fax: +49 351 8925 889

redaktion@silicon-saxony.de

Contact person:

Julia Nitzschner

julia.nitzschner@silicon-saxony.de

Telefon: +49 351 8973 3865

Robert Krauße

robert.krausse@silicon-saxony.de

Telefon: +49 351 8925 886

Ransomware is malware that is infiltrated into networks and computers, encrypts data and sometimes also sends it to the attackers. In order to regain access and prevent disclosure, the affected companies are asked to make payments by the perpetrators. “Anyone who falls victim to ransomware should never pay a ransom,” says Felix Kuhlenkamp, Security Policy Officer at Bitkom. “On the one hand, they are financing the next attacks by the perpetrators, who are usually organized crime groups. Secondly, the malware is often so poorly programmed that the perpetrators are unable to completely undo the encryption.”

Four out of ten (40 percent) of the affected companies were able to recover their data themselves, while 10 percent were able to get it back from the perpetrators without paying a ransom. Only 1 percent stated that stolen data was published. At the same time, 17% report massive restrictions on business operations as a result of the attack. 42% admit that they had not expected to fall victim to a ransomware attack. And 54% have tightened their security precautions as a result. Kuhlenkamp: “A ransomware attack can affect anyone. All companies should therefore ramp up their technical IT security, train employees to recognize attacks at an early stage and, above all, make regular backups. This way, data can be quickly and completely restored to the systems if the worst comes to the worst.”

After the attack, almost one in five affected companies (18%) called in a service provider to receive support against the attack. Around one in eight affected companies (12%) would have liked to have done so – but were unable to find a suitable service provider. In total, only 21% involved a law enforcement agency as a result of the attack.

Methodological note

The data is based on a survey conducted by Bitkom Research on behalf of the digital association Bitkom. This involved a telephone survey of 1,003 companies with 10 or more employees and an annual turnover of at least EUR 1 million in Germany. The survey took place in the period from week 16 to week 24 2024. The survey is representative. The questions were: “Which of the following types of cyberattack were carried out on your company in the last 12 months and did this cause any damage?”, “Did you pay the ransom?” and “Which of the following statements about ransomware attacks apply to your company?”

– – – – – –