As it does every year in the fall, the German Federal Office for Information Security (BSI) has published its latest “Situation Report on IT Security in Germany 2025”. Once again, the conclusion is clear: there is no all-clear, as the IT security situation remains tense despite individual successes. Although international law enforcement measures have been able to almost eliminate large cybercrime groups such as LockBit and Alphv, the number of attack surfaces and vulnerabilities continues to grow rapidly.
In the reporting period from July 1, 2024 to June 30, 2025, an average of 119 new vulnerabilities in IT systems were reported every day – an increase of around 24%. Particularly critical: many web attack surfaces in Germany are still inadequately protected. Moreover, known vulnerabilities in perimeter systems are often patched either too late or not at all. Small and medium-sized enterprises (SMEs) are particularly affected: around 80 percent of all registered attacks were directed at them, as they often lack the know-how and resources for effective self-protection. The damage remains high: data leaks and thefts of access data increased, and although fewer and fewer companies are paying ransoms, the average amounts in successful extortion cases are the highest registered since the surveys began.
BSI President calls for active protective measures
Claudia Plattner, President of the BSI, is particularly concerned about attacks on vulnerable groups such as small businesses, local authorities, clubs and associations. There is a real trend among attackers towards “easy prey”. Plattner therefore warns: “If we don’t manage to defend ourselves and our attack surfaces against the entire spectrum of threats in the short term, we will remain vulnerable – and sooner or later we will also be wounded.” All institutions will therefore have to adapt their risk assessment in 2026 and implement consistent attack surface management – for example through more restrictive access, timely updates or minimizing publicly accessible systems.
Ramon Weil, Founder & CEO of SECUINFRA, agrees with this assessment: “The report confirms what we see every day: Successful attacks don’t just happen because of highly complex zero-day exploits, but because of open doors. Those who know their attack surfaces and actively manage them not only protect their systems – but also the trust of their customers.”
The full report is available online on the BSI website.

