Cybersecurity is an issue that no longer only affects IT specialists, but all of us. The total annual damage to the German economy is around 206 billion euros (Bitkom Study Economic Study 2023). And at Digital X 2024, Europe’s leading digitalization initiative, it also recently became clear that cybersecurity is a hot topic. On the Main Stage, German activist Daniel Domscheit-Berg gave a powerful presentation on how vulnerable our digital world has become. But what does this mean in concrete terms for companies and how can they protect themselves?
Why Cybersecurity Affects Us All
Cybersecurity is not a question of company size or industry. It affects everyone – from small family businesses to multinational corporations. Every company that uses digital technologies is potentially at risk. And yet we often hear companies ask: “Why should my company, of all companies, be of interest to hackers?” This way of thinking is a dangerous misconception. Because it’s not always about targeted espionage or hunting for secrets, but about “normal crime”. What does that mean? Cyber criminals encrypt data from very different organizations and then extort a ransom. They often proceed according to the “scattergun principle”, meaning that anyone can be targeted.

Professionalization of Cybercrime: Thievery Corporation and Cybercrime-as-a-service
Behind the attacks are often highly professional, organized groups that act like medium-sized IT companies and strive for profit – called“Thievery Corporation”. According to the Competence Center for Cybersecurity in Business they are structured like conventional companies with analysts, a sales team, an inside sales team,an accounting department, a business development–department and so on. But: These employees are criminals. Their methods are illegal. Their business is illegal.
Unfortunately, they are also successful. In the underground economy there are numerous marketplaces where stolen data and identitiesare offeredare illegal goods such as drugs and weapons and increasingly also services for committing cybercrimes Cyberis known as “Cybercrime–as-a–service”.
The Methods of Cyberattacks Are Becoming Increasingly Profitable
These 4 forms of cybercrime are the most common:
Malicious software (malware) - central element of cybercrime
Many cybercrimes are committed with the help of malware. This is installed via malicious apps or attachments in emails, for example, and used to spy on or intercept data, to manipulate data traffic (e.g. in online banking) or to commit blackmail (ransomware). There are countless malware variants that are constantly being adapted by the perpetrators.
Spam and phishing - access to victim data
Stolen digital identities such as passwords, email addresses or bank details are often the starting point for further criminal acts. Spam and phishing e-mails with malicious content, i.e. attachments containing malware, or manipulated login forms on deceptively genuine-looking websites, are used to access this data. The emails sent are intended to entice victims to download or click on them. The nasty thing is that countless such emails are sent. They require good defense systems and attentive users in order to be detected. This is because cyber criminals often pretend to come from an authority or a known email contact.
Ransomware - digital blackmail by encrypting systems
Ransomware is considered the method with the highest potential for damage. When infected with ransomware, victims’ systems are encrypted and a ransom is demanded for decryption. More and more frequently, there is also a threat to publish the data. This procedure is called double extortion. In the case of triple extortion, DDoS (Distributed Denial of Service) is added as a further attack tactic and in the case of quadruple extortion tactics, even customers, suppliers and employees of the affected organization are put under pressure.
DDoS attacks - overloading systems
Denial of service attacks – so-called DDoS attacks – are basically aimed at causing an overload of the target system and thus cause targeted damage to the people, organizations and companies attacked.
Nowadays, criminals need fewer and fewer skills and organizational power to successfully carry out an attack attack – because the methods are offered as services and attack techniques are getting better and better. And this is also due to AI: AI and tools such as Voice Cloning are increasing the speedat which deceptive content is researched and created in phishing–emails while at the same time increasing the complexity and effectiveness of attacks..
The Economic Damage Caused By Cyberattacks
The effects of such attacks are devastating. Every year, the German economy suffers a total loss of around 206 billion euros (Bitkom Study Economic Study 2023). Dieser immense Verlust ist nicht nur auf gestohlene Daten zurückzuführen, sondern auch auf Produktionsausfälle, beschädigte Infrastruktur und den Reputationsverlust betroffener Unternehmen. Cases such as that of hardware manufacturer Quanta Computer show this very clearly.
No Easing on the Horizon: Urgent Need for Action for Companies
The coming years do not look like easing. Cybercrime will continue to gain in professionalism and profitability as a business model. Companies that do not invest in their security now run the risk of falling victim to increasingly sophisticated attacks in the future.
– Roman Usiatycki, EBF Team Lead Service Specialists
Conclusion: Solutions are available – and need to be used
Despite all the warnings, there is no reason to despair. There are many measures and solutions that companies can use to protect themselves against the risks. Companies should first fundamentally review their cybersecurity strategies and ask themselves: Is your organization equipped with modern security solutions? Is your IT team well equipped in terms of skills and resources? Are all employees – and managers – regularly trained and do they support the measures?
As a holistic security concept is essential nowadays, we will be addressing the topic of IT security in all its facets in the coming weeks and will be showing you many good approaches.

We would be happy to advise you on your individual concerns – and let you benefit from our extensive experience with other customers.
A further article about IT security
Whether it’s curiosity, time pressure or fear – psychological tricks play a major role in cyber attacks and unfortunately all too often lead to success. In this blog article, you can read about the 3 most common phishing tricks as well as key strategies and various technological solutions for phishing defense.