BSI und BKA warnen vor Cyber-Attacken über Weihnachten

BSI and BKA warn of cyber attacks over Christmas

The German Federal Office for Information Security (BSI) and the German Federal Criminal Police Office (BKA) warn in a press release published on 02.12.2021 of increased attack risks (e.g. cyber attacks) on companies over the Christmas holidays this year.

From the experience of the two federal agencies, cyber criminals prefer to use long weekends, vacations and vacation periods, times when companies are usually less responsive, to infiltrate malicious code.

Several reasons for the increased security risk

BSI and BKA cite several reasons for the increase in security risk, especially during the Christmas holidays. Overall, the BKA has already seen a significant increase in ransomware attacks and cyber attacks in 2021.

Few staff on holidays reduces the responsiveness of companies

Thin staffing levels on public holidays mean that most attacks can only be detected (too) late in affected companies. As a result, countermeasures can no longer be initiated. Criminals therefore take advantage of vacation periods and long weekends to carry out their attacks.

Thousands of MS Exchange servers still not fully patched

In addition, the BSI has identified several thousand vulnerable MS Exchange servers in recent months. Despite the provision of updates, these are still not fully patched and therefore easy for criminals to attack.

Ransomware Emotet on the rise again

Emotet has further increased the risk of cyber attacks. After Emotet was initially rendered harmless by an internationally coordinated takedown at the beginning of 2021, the malware has been resurgent for several months and is increasingly being spread via spam emails. The BSI believes that waves of Emotet attacks are likely, especially during the Christmas season.

In some cases, criminals also send spam emails to spread Emotet via Exchange servers that have already been compromised. Even if the vulnerabilities in Exchange servers were patched quickly in March 2021 when they became known, criminals could still have obtained the access data before then. The access data can currently be bought by criminals on black markets on the Internet. If companies suspect a compromise, they can find help on the BSI website.

How companies reduce the risk of attack

BSI and BKA are not only focusing on prevention to reduce risks, but are advising companies to increase their detection and response capabilities. To reduce the risk during the Christmas holidays, it is important that companies check that all patches for MS Exchange Server are fully installed.

In addition, it is important that sufficient backups are in place to secure data assets and that companies practice their disaster recovery plans.

 

If you have questions about the security strategy for your company – contact us. We will support you with the development of solutions suitable for you.

This post is also available in: German