IT Service Provider Attack Criticized by BSI Leader: Advanced Assaults Described

IT Service Provider Attack Criticized by BSI Leader: Advanced Assaults Described

Germany's top cybersecurity authority, the Federal Office for Information Security (BSI), has voiced concerns over the escalating threats of sophisticated cyber attacks against IT service providers and energy infrastructure. Claudia Plattner, the BSI's president, highlighted these complex attacks as "well-planned" and "strategically complex."

In a conversation with the Funke media group, Plattner raised the alarm about the growing vulnerabilities in Germany's power supply, particularly the increase in smaller, less secure power plants and wind farms. She warned that these less-protected facilities can serve as attractive targets for cybercriminals, given their proliferation.

Simultaneously, Plattner recognized the necessary digitization of critical infrastructure for modernization and efficiency. However, this digitization introduces new vulnerabilities which attackers can exploit to gain unauthorized access. Plattner underlined the need for robust protection of these digitized systems.

The BSI chief also pointed out the use of advanced exploits and malware, zero-day vulnerabilities, supply chain compromises, and silent, persistent infiltration as common tactics by sophisticated attackers. She emphasized that detecting and countering these attacks can be challenging due to their extended preparation and reconnaissance phases.

Plattner communicated that the power grid in Germany remains stable and secure at present, with extensive protective measures and redundancies. However, she reiterated the importance of increased investment in cybersecurity measures and better protection for decentralized infrastructure to enhance the overall operational resilience of the power grid.

Sources: ntv.de, gho

1. "The Commission, in its efforts to ensure a safe and sustainable environment, might consider incorporating cybersecurity measures in the draft law on the protection of the environment, addressing the increasing threats from sophisticated attacks on critical infrastructures such as power supply and technology."
2. "In light of the recent revelations about the vulnerabilities in Germany's power infrastructure and the strategic complexities of cyber threats, it would be prudent for political discussions to prioritize cybersecurity in the general-news arena, particularly in relation to technology and the digitization of critical infrastructure."

Read also: