Cyber Attacks are Causing More and More Damage to Companies

KPMG study: phishing, attacks on cloud services and attacks via data leaks are the most common crimes.

More than one in three companies in Germany has been the victim of a cyber attack in the past two years. For 57 percent, the total amount of damage has increased. Nevertheless, the majority of companies have realized that e-crime is a real threat. For example, 67% of respondents rate the risk of becoming a victim of cybercrime as high or very high. In 2022, the figure was 61%. Furthermore, 65% of companies assume that the risk will increase in the next two years.

Service providers often a gateway for cyber criminals

According to the KPMG study “e-Crime in the German Economy 2024“, affected companies are most frequently victims of phishing (53%), attacks on cloud services (42%) and data leaks (37%). Computer criminals most frequently direct their attacks against mail servers (39%) and web servers (36%). They also use companies’ service providers as a gateway for their criminal activities. More than half (54%) of the affected companies experienced attacks on their own data via the technical infrastructure of service providers.

Computer criminals often do not take a targeted approach, but steal all data to which they can gain access. The most sought-after prey is customer data (47 percent), followed by the company’s bank and financial data (42 percent) and personnel data (37 percent).

Employees remain a significant risk factor

Two thirds of companies see a lack of security awareness among their employees as a major risk for e-crime. 74% therefore rely on training to sensitise their staff. “People remain a major risk when it comes to cybercrime. A lack of understanding of security in particular often makes it easy for criminals. Companies should invest in the human firewall, i.e. raising employee awareness,” says Michael Sauermann, Head of Forensic Technology Germany & EMA at KPMG.

Cyber insurance on the rise

To protect themselves against the financial consequences of e-crime, companies are increasingly turning to cyber insurance. 40 percent of the companies surveyed have already taken out such insurance and a further 42 percent are considering taking it out.