CybercrimeCybercrime a Booming Business — Thanks to COVID

By Marcel Fürstenau

Germany’s Federal Criminal Police Office (BKA) registered 108,474 cybercrimes in its latest annual report. That is an increase of nearly 8% on the previous year.

Carsten Meywirth, head of the BKA’s new Cybercrime Department, estimates that a large number of cyberattacks are not even registered.

Germany’s status as an economic powerhouse and innovation platform has made it an attractive target for attackers from around the world. In addition, there is the country’s geostrategic location at the heart of Europe: “Germany’s influence on the EU and its NATO membership also make it a focus for cybercrime,” Meywirth explains.

The COVID crisis has prompted Meywirth and his team to make additions to the list of potential targets: vaccination portals, education platforms, and servers used for remote office work.

Criminals also have their eye on the system of supply chains for vaccines: “A breakdown in operations at just one company can have a huge impact on society as a whole,” says Meywirth.

Digital Blackmail
Only around one-third of all cases are cleared up. And one highly dynamic area, says the BKA, is digital blackmail, using ransomware to encrypt the victim’s data and files “in order to threaten the victims with making details public.” This is a criminal business model that promises to generate massive profits.

For Sven Herpig at the SNV — the Berlin Foundation for New Responsibility — this whole development comes as no surprise.

The cyber expert argues that Germany is, in international comparison, well prepared to ward off damaging and costly attacks.

And critical infrastructure is better protected by law than in many other countries. The fact that Germany is organized as a federal system with federal structures actually helps, Herpig believes. Each of the country’s 16 states has its own criminal investigation authorities and intelligence agencies, including experts on IT security who “know just where to look,” says the cyber expert. 

‘Underground economy flourishing’
But Herpig says there is no disguising the fact that the criminals are always one step ahead. He fears that efforts to improve defenses against cyberattacks are not seen as a top priority. Preventive measures to bolster IT security need to be stepped up everywhere: in businesses, government offices, and among ordinary citizens, he warns.

The places that “criminals attack are places where they know they can make money.” Everything that has been digitalized is up for attack “if we do not build IT security into the system.”

Investigators say that for a high number of cyberattacks in Germany, criminals can be traced back to eastern Europe, and especially to Russia. Herpig draws the same conclusion. But he points to a number of countries in Asia that are also under observation by both national and international authorities.

While China continues to dabble in traditional economic espionage such as patent theft, North Korea’s focus is on anything that might benefit its own nuclear program. Bitkom, Germany’s digital association, estimates the damage caused to German companies by cybercrime at around €1.3 billion ($1.6 billion) for 2019 alone. That sum is mostly covered by insurance providers.

Stolen bank account details
The BKA investigators say that the spectrum of the nearly 25,000 identified suspects extends from criminals who act alone to organized gangs which operate internationally. The underground economy is home to “a fully-fledged service industry,” which offers tools to commit every kind of crime, says police investigator Meywirth.

Cybercriminals operate with stolen identities and bank account details: Names, addresses, credit card numbers. And that data is “used by cybercriminals for the planning and realization of further crimes,” Meywirth explains.

Emotet Takedown
BKA investigators are proud of how they managed to take down the dangerous malware “Emotet” in a global effort involving investigators from eight countries: Germany and the Netherlands, Ukraine, Lithuania, France, the UK, Canada, and the US.

As cybercrime continues to boom, the BKA is investing heavily in its Cybercrime Department — both in terms of funding and personnel. And, says Meywirth, training is the top priority if Germany’s cybercrime fighters are to “be able to keep up with the criminals.”

Marcel Fürstenau is a DW writer.This article is published courtesy of Deutsche Welle (DW).