{"id":7163,"date":"2023-09-26T09:37:33","date_gmt":"2023-09-26T09:37:33","guid":{"rendered":"https:\/\/www.securitytoday.de\/2026\/04\/02\/post_id-3292\/"},"modified":"2026-05-10T19:05:49","modified_gmt":"2026-05-10T19:05:49","slug":"bitkom-massive-damage-from-organized-cyberattacks-on-the-german-economy","status":"publish","type":"post","link":"https:\/\/www.securitytoday.de\/en\/2023\/09\/26\/bitkom-massive-damage-from-organized-cyberattacks-on-the-german-economy\/","title":{"rendered":"Bitkom: Massive Damage from Organized Cyberattacks on the German Economy"},"content":{"rendered":"<p><strong>Every second company sees itself existentially threatened by cybercrime. The annual damage to the German economy amounts to 200 billion euros. Most attacks originate from Russia and China. These are the results of a new Bitkom study.<\/strong><\/p>\n<h2>TL;DR<\/h2>\n<ul>\n<li><strong>206 billion euros in damage:<\/strong> Annual losses for the German economy due to cybercrime.<\/li>\n<li><strong>Every second company existentially threatened:<\/strong> Half of companies see themselves endangered by cyberattacks.<\/li>\n<li><strong>Russia and China:<\/strong> Main origin of attacks on German companies.<\/li>\n<li><strong>Organized crime:<\/strong> 61% of attacks come from criminal organizations.<\/li>\n<li><strong>IT budget for security:<\/strong> Only 30% follow the recommendation to spend 20% of the IT budget on cybersecurity.<\/li>\n<\/ul>\n<p style=\"font-weight: 400;\">Whether by coincidence or not, the German government declared war on organized crime shortly after the success of the TV series \u201c4 Blocks.\u201d But compared to international organized crime, this seems almost harmless in terms of the damage it inflicts on the German economy. The attackers, including intelligence services to a lesser extent, are mostly based in Russia (46 %) and China (42 %), but also in Germany (29 %), in Eastern European countries like Belarus (25 %) and in the USA (18 %), so the result of a Bitkom survey conducted in collaboration with the Federal Office for the Protection of the Constitution among 1,002 companies in Germany.<\/p>\n<p style=\"font-weight: 400;\">As the digital association Bitkom reports, the damage caused to the German economy by IT hardware and data theft, industrial espionage, and sabotage amounts to 206 billion euros, a slight increase from 203 billion euros the previous year, but still significantly below the 233 billion euros in the second year of the coronavirus pandemic in 2021. However, 200 billion euros in damage over three consecutive years is cause for concern, especially since attacks from the East have increased significantly. In Russia and China, it is particularly difficult to apprehend organized criminal groups and bring them to justice, as the authorities there are often powerless against them.<\/p>\n<p>Attacks from Russia and China on the rise<\/p>\n<p>However, in 2021, the two countries had significantly fewer attacks at 23 and 30 percent respectively compared to 2022. Russia is now ahead of China for the first time, but three-quarters of the surveyed companies (75 %) believe that the threat to cybersecurity posed by the country is still underestimated. And 61 percent consider the local security authorities currently powerless to act against such cyberattacks from abroad. Additionally, the lines between organized crime and state actors in these countries are often blurred, as Bitkom President Dr. Ralf Wintergerst states.<\/p>\n<p style=\"font-weight: 400;\">72 percent or roughly three-quarters of the surveyed companies reported being victims of analog or digital attacks in the past twelve months, with an additional 8 percent suspecting this but unable to prove it concretely. 61 percent now attribute these attacks to organized crime, compared to only 29 percent in 2021. 52 percent of companies, or 9 percentage points more than the previous year, now see themselves existentially threatened by cyberattacks.<\/p>\n<p style=\"font-weight: 400;\">Vice President of the Federal Office for the Protection of the Constitution, Sinan Selen, said during the presentation of the Bitkom study: \u201cThe results of the current Bitkom study fit seamlessly into our assessment of the situation. We are facing a sustained high threat from state and non-state cyber actors. Regional hotspots are clearly visible. We see that state actors also use cyber actors and target a wide range of objectives. These range from attacks on political institutions to the economy  &#8211;  from specialized small tech companies to large corporations  &#8211;  and also affect research institutions. The adversaries have staying power and are becoming increasingly aggressive, professional, and agile. Our response to this sustained threat is a significant strengthening of cooperation with our partners, rapid detection and response to identified attacks, and continuous adaptation of our defense mechanisms.\u201d<\/p>\n<h4>Phishing is the top attack method<\/h4>\n<p style=\"font-weight: 400;\">The study results show that attacks on the German economy are increasingly digital, while analog attacks are declining.<\/p>\n<p style=\"font-weight: 400;\">In cyberattacks, phishing is now at the top with 31 percent compared to 25 percent the previous year, followed by attacks on passwords and malware infections, each with an increase from 25 to 29 respectively 28 percent. Ransomware attacks have nearly doubled from 12 to 23 percent, while damage from DDoS attacks (Distributed Denial of Services) has significantly decreased.<\/p>\n<p style=\"font-weight: 400;\">Cyberattacks now account for 148 billion euros, or nearly 72 percent of the total economic damage in Germany. This is a significant increase from around 128 billion euros the previous year. Wintergerst attributes this to the fact that digital attacks can be launched from anywhere in the world and law enforcement in many countries is either weak or non-existent.<\/p>\n<p style=\"font-weight: 400;\">Despite increased efforts to protect data since the GDPR came into effect in 2018, cases of data theft have significantly increased. More than half of the companies (56 percent) reported stolen customer data. In 2022, this figure was still at 45 percent, and in 2021, it was 31 percent. The number of cases involving the theft of employee data has also risen sharply. In 2021, the figure was 17 percent, but in 2023, it reached 33 percent. <strong>The most frequently stolen data, with a share of 62 percent, are communication data such as emails, followed by the theft of access data and passwords (23 percent), financial data (20 percent), and data in the area of intellectual property (17 percent).<\/strong><\/p>\n<h4>Companies are arming themselves for cyber defense<\/h4>\n<p style=\"font-weight: 400;\">\u201cWhen personal data of third parties is stolen, the damage often extends far beyond the attacked company and can result in significant follow-up damage for the affected individuals. And for the companies, such an attack is usually particularly severe: often, they face <strong>fines and reputational damage comes with a massive loss of trust<\/strong> among employees, customers, or partners,\u201d warns Wintergerst.<\/p>\n<p style=\"font-weight: 400;\">8 out of 10 respondents (82 %) already expect cyberattacks on their company to increase in the next 12 months, with 56 percent anticipating a significant increase. The vast majority of companies (84 %) now advocate for a mandatory reporting requirement for cyberattacks &#8211; not only for companies but also for authorities and other public institutions. However, 80 percent of respondents also complain about excessive bureaucratic effort when reporting such attacks and malware. To defend against them, companies spend on average 14 percent of their IT budget on cybersecurity. Around one-third (30 %) follow the Bitkom and BSI recommendation to allocate 20 percent for this purpose, 42 percent spend 10 to 20 percent, and 16 percent of companies spend 5 to 10 percent of their IT budgets.<\/p>\n<h2>Key Facts at a Glance<\/h2>\n<p><strong>Annual Damage:<\/strong> 206 billion euros for the German economy<\/p>\n<p><strong>Existential Threat:<\/strong> 52% of companies feel threatened<\/p>\n<p><strong>Main Actors:<\/strong> 46% Russia, 42% China<\/p>\n<p><strong>Organized Crime:<\/strong> 61% of attacks<\/p>\n<p><strong>IT Security Budget:<\/strong> Recommendation 20% of IT budget, only 30% follow it<\/p>\n<p><strong>Source:<\/strong> Bitkom Economic Protection Study 2023<\/p>\n<p><strong>Fact:<\/strong> According to ISC2, there is a global shortage of over 3.4 million cybersecurity professionals.<\/p>\n<p><strong>Fact:<\/strong> The average detection time for a phishing campaign is 16 hours, according to Mandiant.<\/p>\n<h2>Frequently Asked Questions<\/h2>\n<h3>How much annual damage does cybercrime cause in Germany?<\/h3>\n<p>According to Bitkom, cybercrime causes annual damage of around 206 billion euros to the German economy. This includes direct damage from data theft, sabotage, and espionage, as well as indirect costs such as production downtime and reputational losses.<\/p>\n<h3>Where do most cyberattacks originate?<\/h3>\n<p>46% of attacks on German companies are attributed to Russia, and 42% to China. The attackers are increasingly professionally organized  &#8211;  61% of the attacks come from criminal organizations, sometimes with state support.<\/p>\n<h3>Which companies are particularly affected?<\/h3>\n<p>All industries and sizes are affected. Particularly in focus are small and medium-sized enterprises (often less protected), the manufacturing industry (IP theft), the financial sector (financial motive), and operators of critical infrastructure (strategic goals).<\/p>\n<h3>How much should companies spend on IT security?<\/h3>\n<p>Bitkom and the BSI recommend spending at least 20% of the IT budget on cybersecurity. Currently, only 30% of companies follow this recommendation. 42% spend 10-20%, and 16% spend only 5-10%.<\/p>\n<h3>What can SMEs do against cyberattacks?<\/h3>\n<p>Implement basic protection (firewall, endpoint protection, backups), train employees, create an incident response plan, apply regular updates, and use external managed security services if necessary. Cyber insurance is also gaining importance.<\/p>\n<h2>Further Reading in the Network<\/h2>\n<p>Current Threat Situation 2025: Cyberattacks Become More Aggressive (Security Today)<\/p>\n<p>IT Security for Cloud Infrastructures: <a href=\"https:\/\/www.cloudmagazin.com\" target=\"_blank\" rel=\"noopener\">cloudmagazin.com<\/a><\/p>\n<p>Cybersecurity as a Business Decision: <a href=\"https:\/\/mybusinessfuture.com\" target=\"_blank\" rel=\"noopener\">mybusinessfuture.com<\/a><\/p>\n<h2>Related Articles<\/h2>\n<ul>\n<li><a href=\"https:\/\/www.securitytoday.de\/en\/2026\/02\/28\/cyber-warfare-2026-state-sponsored-cyberattacks-europe\/\">Cyber Warfare 2026: When States Upgrade Digitally<\/a><\/li>\n<li><a href=\"https:\/\/www.securitytoday.de\/en\/2026\/03\/06\/cybersecurity-trends-2026-seven-key-developments\/\">Cybersecurity Trends 2026: The 7 Developments Security Decision-Makers Need to Know<\/a><\/li>\n<li><a href=\"https:\/\/www.securitytoday.de\/en\/2026\/03\/01\/hybrid-warfare-and-disinformation-the-underestimated-cyber-threat-to-businesses\/\">Hybrid Warfare and Disinformation: The Underestimated Cyber Threat to Companies<\/a><\/li>\n<\/ul>\n<p><em>Header Image Source: Pexels<\/em><\/p>\n","protected":false},"excerpt":{"rendered":"Every second company sees itself existentially threatened by cybercrime. The annual damage to the German economy amounts to 200 billion euros. Most attacks originate from Russia and China. These are the results of a new Bitkom study. TL;DR 206 billion euros in damage: Annual losses for the German economy due to cybercrime. Every second company [&hellip;]","protected":false},"author":55,"featured_media":2779,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_yoast_wpseo_focuskw":"cyberattacks","_yoast_wpseo_title":"Bitkom: Massive Damage from Organized Cyberattacks on the German Economy","_yoast_wpseo_metadesc":"Cyberattacks cost German economy 200B euros yearly\u2014Bitkom report reveals rising threats from Russia, China. Discover how to protect your business now.","_yoast_wpseo_meta-robots-noindex":"","_yoast_wpseo_meta-robots-nofollow":"","_yoast_wpseo_meta-robots-adv":"","_yoast_wpseo_canonical":"","_yoast_wpseo_opengraph-title":"","_yoast_wpseo_opengraph-description":"","_yoast_wpseo_opengraph-image":"","_yoast_wpseo_opengraph-image-id":0,"_yoast_wpseo_twitter-title":"","_yoast_wpseo_twitter-description":"","_yoast_wpseo_twitter-image":"","_yoast_wpseo_twitter-image-id":0,"_evm_translation_lang":"","featured_post":0,"featured_post_sortierung":0,"_wp_old_slug":["post_id-3292"],"footnotes":""},"categories":[251],"tags":[236],"class_list":["post-7163","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news","tag-phishing"],"evm_reading_time_minutes":8,"wpml_language":"en","wpml_translation_of":3292,"_links":{"self":[{"href":"https:\/\/www.securitytoday.de\/en\/wp-json\/wp\/v2\/posts\/7163","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.securitytoday.de\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.securitytoday.de\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.securitytoday.de\/en\/wp-json\/wp\/v2\/users\/55"}],"replies":[{"embeddable":true,"href":"https:\/\/www.securitytoday.de\/en\/wp-json\/wp\/v2\/comments?post=7163"}],"version-history":[{"count":3,"href":"https:\/\/www.securitytoday.de\/en\/wp-json\/wp\/v2\/posts\/7163\/revisions"}],"predecessor-version":[{"id":9982,"href":"https:\/\/www.securitytoday.de\/en\/wp-json\/wp\/v2\/posts\/7163\/revisions\/9982"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.securitytoday.de\/en\/wp-json\/wp\/v2\/media\/2779"}],"wp:attachment":[{"href":"https:\/\/www.securitytoday.de\/en\/wp-json\/wp\/v2\/media?parent=7163"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.securitytoday.de\/en\/wp-json\/wp\/v2\/categories?post=7163"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.securitytoday.de\/en\/wp-json\/wp\/v2\/tags?post=7163"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}