Overview
- During July 2024–June 2025, authorities logged 950 reported ransomware cases, 80 percent hitting small and medium businesses, with fewer victims paying but higher average ransoms.
- Cyberspying currently concentrates on public administration, with additional victims in defense, the judiciary, and public safety, and the BSI warns of a large number of undetected long‑term intrusions.
- The agency counted an average of 119 newly disclosed security flaws per day, a 24 percent rise, and found widespread IPv4 exposure and misconfigured systems that leak sensitive data.
- Attackers expanded tactics with quishing stickers on parking machines in several big cities, more vishing calls, and a 52 percent DDoS surge around February’s national events.
- International operations curtailed LockBit and Alphv, yet experts urge stronger central coordination and EU‑based infrastructure as the BSI notes gains in critical infrastructure and federal resilience.