01. Aug 2023

New report of the BKI

Cybercrime – 3 current threats you should be ready for!

The cyber world is evolving rapidly. While this trend brings many positive aspects, potential dangers must not be overlooked: A lot has changed in the last year, especially regarding cybercrime.

As part of the efforts to curb growing cybercrime, the Austrian Federal Criminal Police Office publishes an annual Cybercrime Report. This report analyzes information from the Cybercrime Competence Center, such as advertisements, notifications, studies, and more. In this article you get a brief overview of the most important developments and what you need to pay special attention to!

Here you can see the whole report.


Ransomware has been around for a long time and most people know how it works: Criminals take over assets, in the case of cybercrime mostly essential data, and demand a ransom for the release of this data. But in this case, too, criminals have developed new concepts to put even more pressure on their victims: Instead of simply "encrypting" the data, the data is copied by the attackers and threats are made to pass it on to the public or to competitors. This type of extortion poses a much more serious threat than the traditional method of ransomware.

For this reason, it is more important than ever to rely on a consistent and effective data protection and information security management system. This is possible, for example, by implementing international standards such as ISO 27701 (data protection), ISO 27001 (information security) or ISO 27018 (data protection for cloud services).

(R)DDOS attacks

This particular type of DDoS attacks combines various forms of cybercrime. Here, DDoS (Distributed Denial of Service) attacks are used to make ransom demands. Cybercriminals usually use one of two methods: It is possible that a DDOS attack is carried out first, after which a ransom demand is made. However, it may also happen that ransom is demanded under the threat of a DDOS attack. In such a case, of course, it might be an empty threat - not responding is still risky. The best way to protect your company from such threats is to have comprehensive protection against DDOS and other cyber attacks. Here, too, management systems can provide support.

Crime as a Service

Crime as a Service" (CaaS) poses another major threat to organizations. According to the BKI's Cybercrime Report, this branch of cybercrime has continued to grow, and with it the risk for companies of being the victim of such an attack. Since "Crime as a Service" offers tailor-made products for dubious customers, the extent is difficult to estimate in advance: From DDOS attacks to data theft or attacks with spam emails and other attack methods, organizations in today’s day and age must be prepared. That's why proactive protection measures and a Business Continuity Management System according to ISO 22301, which deals with the rapid restoration of operations in the event of an emergency - are essential for companies that want to survive in the cyber world.

"The threats posed by all areas of cybercrime are growing year after year. For this reason, it is imperative for companies to implement structured and systematic processes, install security systems and take countermeasures. The implementation of internationally recognized, audited and field-tested standards such as ISO 27001, ISO 27701 or ISO 27017 is ideal for this purpose. They strengthen cyber risk management and communicate to customers and partners that their data security is taken seriously.",

according to Harald Erkinger, CEO of CIS.

News & Events

The basis for long-term success!

17. Apr 2024

CIS joins the Austrian Data Centre Association (ADCA)

New cooperation

Learn more
17. Apr 2024

Smart compliance for data centres

NISG and EN 50600

Learn more
28. Mar 2024

ISO 42001 – the new standard for artificial intelligence

World's first standard for AI

Learn more
07. Mar 2024

The future of AI and data ownership

A balancing act between AI, information security and data ownership

Learn more
07. Mar 2024

Are we losing control of our data through artificial intelligence (AI)?

A balancing act between AI, information security and data ownership

Learn more
31. Jan 2024

CIS is the first inspection body for EN 50600

Product and service certification for data centers

Learn more
22. Jan 2024

Cyberattacks number 1 risk worldwide

New data published as part of the "Risk Barometer"

Learn more
07. Aug 2023

In conversation with Harald Erkinger and Christoph Mondl about New Work, opportunities and risks

The current topics of cyber security

Learn more
03. Aug 2023

What know-how we can look forward to at the CIS Compliance Summit 2023

Anticipation is building up for top-notch speakers!

Learn more
06. Jul 2023

Global Threat Report 2023: Turning trends into active opportunities

Findings, trends and recommendations for action

Learn more
05. Jul 2023

A strong shield for our data in the era of artificial intelligence

+43 1 532 98 90