How to Prevent Cyberattacks on Critical Infrastructures

The recent DDoS attacks (Distributed Denial of Service, a cyberattack through flooding with malicious traffic) on German airports, state authorities, and the police in spring 2023 show: The vulnerability of critical infrastructures (KRITIS) is more acute than ever. Even the first wave in autumn 2022 (including attacks on Nord Stream pipelines) was alarming.

How vulnerable are critical infrastructures, and what measures must companies and organizations mandatorily take to protect themselves? The KRITIS whitepaper by Link11 and Schalast, “Critical Infrastructures in the Crosshairs,” provides an overview.

In addition to physical sabotage or accidents, cyberattacks on these systems have primarily increased in 2022/23. According to a Bitkom study, 51 percent of critical infrastructure operators even expect a further increase in the near future. The Federal Office for Information Security (BSI) therefore states in its current situation report: The threat level is “higher than ever.” No wonder, then, that regulation by the EU and the federal government is constantly increasing.

Critical infrastructures – including the sectors of energy, finance, health, telecommunications, government and administration, transportation, or water – are essential for the functioning of our society and economy. For this very reason, they are also in the focus of cybercriminals:

Attackers can steal data, extort money, and cause physical damage. With far-reaching consequences: million-euro production outages and supply shortages that can endanger or even cost human lives. The damage alone for the German economy in 2022 amounted to around 203 billion Euro. This can affect corporations, small and medium-sized enterprises, the administration, and civil society alike. For the affected population, cyberattacks on KRITIS mean direct damage to public supply.

In view of increasing cyberattacks, operators of critical infrastructures and companies must deal more intensively with digital threats and protection mechanisms. Because as soon as it’s about more than ransom, cyberattacks can not only impair business capability (data loss and manipulation or reputational damage) but also affect society as a whole. Companies should therefore structure their IT systems so that an attack has only minimal impact and critical parts of the network cannot be reached.

Lisa Fröhlich (Corporate Spokesperson Link11) comments:

“Because KRITIS are so important to our lives, pronounced and constantly evolving regulations from the federal government and the EU set the framework for the necessary IT security. At the same time, the recent series of DDoS attacks in Germany shows that effective DDoS protection is indispensable so that operators of critical infrastructures are not impaired by such attacks.”

This graphic shows more about the results of the report:

TL;DR

DDoS attacks on German airports, authorities, and police highlight the acute vulnerability of critical infrastructures
The economic damage from cyberattacks in 2022 amounted to around 203 billion Euro
Regulation by the EU and the federal government is steadily increasing – effective DDoS protection is indispensable for KRITIS operators

Key Facts

Damage Amount 2022: 203 billion Euro for the German economy

Expectation: 51 percent of KRITIS operators expect a further increase in cyberattacks

BSI Assessment: According to the BSI, the threat level is higher than ever before

Affected Sectors: Energy, finance, health, telecommunications, transportation, water, public administration

Fact: 75 percent of consumers trust companies more that handle data transparently, according to Cisco.

Fact: The average processing time for a data protection complaint with German supervisory authorities is 8 months, according to the BfDI.

Frequently Asked Questions

What are critical infrastructures (KRITIS)?

KRITIS includes organizations and facilities that are essential for the functioning of society and the economy. These include the sectors of energy, finance, health, telecommunications, transportation, water, and public administration.

Why are KRITIS operators particularly at risk?

Outages of critical infrastructures can directly affect millions of people – from supply shortages to dangers to human life. It is precisely this high impact that makes KRITIS preferred targets for cybercriminals and state-sponsored actors.

What are DDoS attacks and how do they work?

DDoS stands for Distributed Denial of Service. In this type of attack, a system is overwhelmed with a flood of malicious traffic, making it inaccessible to regular users. The attacks can paralyze entire infrastructures for hours or even days.

What regulatory requirements apply to KRITIS?

KRITIS operators are subject to strict requirements under the IT Security Act 2.0 and the EU Directive NIS2. These include reporting obligations in the event of security incidents, minimum standards for IT security, and regular evidence of implementation.

How can KRITIS operators protect themselves against DDoS attacks?

Effective DDoS protection requires specialized defense solutions that detect and filter malicious traffic before it reaches the actual infrastructure. Network segmentation and emergency plans additionally minimize the impact of successful attacks.