Artificial Intelligence Cyberattacks in Germany: "We Have to Wait Until a Child Falls Down a Well"

"The threat level in cyberspace remains consistently high," says Interior Minister Alexander Dobrint (CSU), the politician responsible for security in Germany. The reason for his warning is the Cybercrime Report 2025, which was published in Berlin on Tuesday (May 12) by the Federal Criminal Police Office (BKA).

Over 900 cyberattacks per day

BKA Vice President Martina Link also finds the report's findings alarming. She estimates the financial damage at around 202 billion euros. This corresponds to around 4,5 percent of gross domestic product (GDP). The primary targets of these attacks are businesses, government agencies and critical infrastructure such as power plants or hospitals.

The total number of attacks officially registered by the police – from malware secretly implanted on computers to data theft and emptying of bank accounts – was 334.000. That’s an average of more than 900 attacks per day. Germany is a particularly lucrative target for cybercriminals because, despite the crisis, it remains the world’s third-largest national economy.

Attacks almost always come from abroad

Two-thirds of these crimes were committed from abroad or from locations that could not be definitively identified.

"These attacks are always cross-border, almost always international," emphasizes BKA Vice President Link. Like the Interior Minister, she sees the rapid development of artificial intelligence (AI) as the biggest challenge.

Even non-experts can quickly acquire specific skills using AI, says Dobrint. "The linguistic capabilities of AI allow it to operate simultaneously in very different regions of the world, because it can generate flawless text in different languages." The result is authentic-looking websites or emails that cybercriminals use to lure their victims down a false trail.

Minister Dobrint: "We are not helpless"

Despite the growing dangers, Minister Alexander Dobrint remains confident in the fight against cybercrime: "We are not helpless," he says, citing successful cooperation with other countries as proof. The main proof is the major crackdown against internationally networked cybercriminals – dubbed "Operation Endgame 2.0". In this operation, authorities from seven countries successfully joined forces to neutralize one of the most dangerous malware programs in existence.

Germany cooperated with Denmark, France, the United Kingdom, Canada, the Netherlands and the United States in the operation. In addition, police and judicial authorities from the European Union were involved. International arrest warrants were issued for around 20 suspects, most of whom are from Russia.

More powers for the BKA?

"Our successful measures against cybercrime show that police action is effective – but they must not create a false sense of security in the highly dynamic threat landscape in cyberspace," warns BKA Vice President Link. Her agency is currently only authorized to investigate crimes, but lacks the authority to take preventive measures against immediate threats. "To put it somewhat cynically: we have to wait until the damage has been done – until 'a child falls into a well' – before we can really take action."

Interior Minister Dobrint intends to change this as soon as possible. To this end, the federal government will soon submit a bill to the Bundestag to establish the necessary legal framework for active cyber defense. "Our goal is to disrupt and destroy the attackers' infrastructure. That means: gaining access to their digital systems."

Equal to the perpetrators?

Moreover, Dobrint advocates the comprehensive retention of computer IP addresses and the implementation of automated data analysis capabilities. The state must not remain a mere observer in the digital world, the Interior Minister argues, thus justifying his far-reaching demands. The goal, he emphasizes, is to ensure that the authorities are technically and legally equipped to act on an equal footing with the perpetrators – and to strike back.

But Dobrint's plans have long been controversial. "The federal government is introducing mass surveillance through the back door," said Left Party MP Klara Binger, criticizing a draft proposal on the retention of IP addresses that emerged in April. Binger, who is the opposition party's Bundestag member responsible for domestic policy, described it as "a frontal attack on the basic digital rights of over 80 million people."