The threat posed by cybercrime remains high in Germany. Speaking at the presentation of the “Federal Situation Report Cybercrime 2025” on Tuesday, Interior Minister Alexander Dobrindt noted that as one of the world’s three largest economies, the country continues to be a major target in cyberspace.
According to the report, serious cybercrimes and attacks targeting businesses, authorities, and critical infrastructure are increasing. The estimated financial damage to the German economy is 202.4 billion euros, amounting to about 4.5 percent of the Gross Domestic Product. In 2025, approximately 334,000 cybercrime cases were registered. Two-thirds of these incidents (207,888) were carried out from foreign or unknown locations. The ministry stated that the actual threat level is likely much higher due to a significant “dark figure” of unreported crimes.
Minister Dobrindt stated his desire to respond with “more severity” calling for “more powers and more impact for our security agencies” arguing that the state cannot remain passive in the digital sphere. He vowed, “We will ensure that our investigators act technically and legally on equal footing with the perpetrators and can push back”.
Martina Link, Deputy Commissioner of the Federal Criminal Police Office (BKA), acknowledged that successful law enforcement actions are effective but cautioned that the high dynamic nature of the threat cannot be forgotten. She explained that cybercriminals continuously adapt their methods, thus increasing pressure on the state, economy, and society. She added that constant development within the authorities is therefore crucial, stating that the BKA is ready to contribute its capabilities to disaster prevention to enhance cyber safety and protect the population.
Specific crime types also show notable trends. In 2025, 1,041 ransomware attacks were reported, marking a ten percent increase from the previous year, with businesses and public institutions being particularly affected. While the overall settlement total reached approximately 15.5 million US dollars, the increase in average ransom payments coincided with fewer victims paying them, suggesting improved resilience among many companies. Internationally, through “Operation Endgame” authorities managed to neutralize several major malware families used as entry points for ransomware and identify suspects.
Furthermore, the number of denial-of-service attacks (DDoS) increased by 25 percent in 2025, reaching 36,706 cases. The annual report also noted that DDoS attacks are favored by hacktivist groups. A significant factor was the hacktivist group “NoName057(16)” which conducted attacks against German facilities, especially in relation to Germany’s support for Ukraine. Through “Operation Eastwood” parts of this group’s infrastructure were dismantled, and international warrants were issued. Additionally, security authorities announced successful actions against so-called “stress services” which are specifically used for DDoS attacks, under “Operation PowerOFF”.
Finally, authorities view Artificial Intelligence (AI)-powered tools as increasingly important in the fight against cybercrime. Criminals are using AI to execute attacks faster, more accurately, and professionally. However, these technologies also open new avenues for the IT security sector, facilitating the early detection of vulnerabilities.
