PUBLISHED February 28, 2026
According to Tagesschau’s report “Angriffe aus dem Netz – Was Firmen für mehr Cybersicherheit tun können,” cyberattacks against German companies are increasing both in frequency and scale, causing massive economic damage and exposing significant weaknesses, particularly among small and medium-sized businesses.
In the past year alone, cyberattacks caused approximately €200 billion in damage to the German economy, according to a survey by the industry association Bitkom. The attacks originate from both private criminal groups and state actors, highlighting the complexity and geopolitical dimension of the threat landscape.
No Company Is Immune
The report makes clear that no business is fully protected. Companies of different sizes and across all industries have already been affected. A recent example cited is Deutsche Bahn, where a large-scale DDoS attack temporarily disrupted ticket bookings, route searches and digital services for several hours.
A DDoS attack works by flooding a website with massive numbers of simultaneous requests from thousands of devices, overwhelming the system until it becomes inaccessible. As cybersecurity expert Dennis-Kenji Kipker explains, these attacks are becoming increasingly large and difficult to prevent. In the case of Deutsche Bahn, he notes that the company reacted quickly and appropriately. However, not all organisations have comparable cybersecurity structures in place.
Kipker warns that Germany is “far from where it should be,” particularly when it comes to protecting critical infrastructure.
Small and Medium-Sized Firms Lag Behind
While large corporations often have established cybersecurity frameworks, many small and medium-sized enterprises lack even basic protective measures. According to the report, foundational safeguards are frequently missing, leaving companies exposed.
Bitkom President Ralf Wintergerst confirms that businesses feel immense pressure. A recent survey shows that 80% of companies fear significant damage or disruptions from hybrid attacks within the next five years. Hybrid attacks combine cyber operations with physical sabotage or disinformation campaigns.
Alarmingly, only one in ten companies feels well prepared for such scenarios, while 40% admit they are not prepared at all.
Energy and Finance Systems at Risk
The greatest fears among businesses concern disruptions to energy supply, which could halt production entirely. Companies are also deeply concerned about interruptions in the financial system — situations where payments cannot be processed, invoices cannot be settled or bank accounts become inaccessible.
Another major risk involves interference with IT and data systems, potentially preventing companies from accessing orders or operational information.
Internal attacks targeting infrastructure such as energy systems are considered even more dangerous than external DDoS attacks. While larger companies may have protective mechanisms in place, many smaller firms do not.
Basic Measures Often Overlooked
Cybersecurity expert Kipker stresses that preparation must begin with fundamental measures. Companies should secure access points using two-factor authentication, regularly review employee access rights and revoke permissions immediately when staff leave the organisation.
He also highlights the risk of disgruntled former employees being recruited by cybercriminal groups.
Regular software updates are essential, as unpatched systems create security vulnerabilities that become more dangerous over time. Equally important are consistent data backups and maintaining a clear overview of all devices connected to the company network — including private smartphones accessing corporate Wi-Fi.
At the same time, Kipker emphasises that 100% cybersecurity does not exist. For this reason, every company must establish a clear emergency plan. Decision-making processes during an attack must be predefined, and external communication strategies should be prepared in advance. Cyber incidents should not be concealed. Instead, transparency and structured crisis management are critical. Wintergerst compares cybersecurity preparedness to professional sports: companies must train regularly for crisis scenarios in order to respond effectively when incidents occur.
The report also highlights the growing role of state actors in cyberattacks. In addition to organised criminal groups, some private actors operate on behalf of governments, particularly for espionage purposes. The line between state and private attacks is becoming increasingly blurred.
According to Bitkom, most state-linked attacks can be traced back to China or Russia. The German Interior Ministry also reports a sharp rise in destabilisation attempts through sabotage and espionage.
Furthermore, advances in artificial intelligence have lowered the barrier to entry for cybercrime. Kipker notes that almost anyone can now engage in cybercriminal activity using AI tools such as chatbots.
Since December 2025, a new EU directive has introduced stricter requirements for companies operating in Germany. These include expanded reporting obligations for security incidents and tougher penalties for non-compliance.
Kipker considers the directive “a step in the right direction,” as it forces management to take cybersecurity more seriously. However, he also acknowledges that hesitation and uncertainty remain widespread among companies when dealing with cyber risks.
The overall message of the Tagesschau report is clear: cyberattacks are no longer isolated technical incidents but a structural business risk affecting the entire German economy. The scale of financial damage, the growing sophistication of attackers and the involvement of state actors all point to a threat environment that will persist.
For German companies, cybersecurity is no longer optional — it is a core element of operational stability and economic resilience.