The threat posed by cybercrime in Germany remains critically high. As the world’s third-largest economy, Germany continues to be a primary target in cyberspace, according to Interior Minister Alexander Dobrindt, who presented the “Federal Cybercrime Situation Report 2025” on Tuesday.
The report noted an increase in particularly serious cyber offenses, as well as attacks targeting companies, government authorities, and critical infrastructure. The estimated damage volume to the German economy is set at 202.4 billion euros, representing approximately 4.5 percent of the gross domestic product. In 2025, around 334,000 specific cybercrime cases were recorded. Two-thirds of these offenses (207,888) originated from abroad or from unknown locations. It was stressed that the actual danger is likely much higher due to a significant “dark figure” of unreported incidents.
Minister Dobrindt stated his intention to respond with “greater firmness” calling for “more powers and more impact for our security authorities” arguing that the state cannot afford to be a bystander in the digital sphere. He vowed, “We will ensure that our investigators act technically and legally on equal footing with the perpetrators and can strike back”.
Martina Link, Deputy President of the Federal Criminal Police Office (BKA), emphasized that successful police action against cybercrime is effective. However, she warned against complacency regarding the persistently high threat level. She cautioned that cybercriminals are constantly adapting their methods, thereby increasing pressure on the state, economy, and society. She underlined the vital importance of continuous professional development within the authorities, adding, “As the BKA, we are ready to deploy our capabilities also in the area of danger prevention to increase cybersecurity and protect the public”.
In 2025, 1,041 ransomware attacks were reported, marking a ten percent increase from the previous year, with businesses and public institutions being the most affected. While the total amount paid in ransoms reached around 15.5 million US dollars, the significant rise in the average ransom payment indicates a stronger resilience among companies. Furthermore, through the international “Operation Endgame” major malware families used as entry points for ransomware attacks were neutralized, and suspects were identified.
The number of Denial-of-Service (DDoS) attacks increased by 25 percent in 2025, reaching 36,706 cases. The annual report suggested that DDoS attacks are also a preferred “modus operandi” of hacktivists. A key role was played by the hacktivist group “NoName057(16)” which allegedly carried out attacks against German institutions, particularly in connection with Germany’s support for Ukraine. Authorities were particularly targeted, along with administrative bodies and transport and logistics companies. Measures taken during “Operation Eastwood” led to parts of the group’s infrastructure being dismantled and international arrest warrants issued. Additionally, “Operation PowerOFF” allowed security services to successfully counter so-called “stress services” used specifically for overload attacks.
Finally, authorities note that AI-powered tools are gaining growing importance in cybercrime. Cybercriminals are reportedly using AI to execute attacks more quickly, precisely, and professionally. At the same time, AI technologies are also opening up new avenues for IT security and the early detection of vulnerabilities.