The more industry becomes digitized, the more worthwhile targeted attacks on the networked production infrastructure appear. As the digital association Bitkom reports in its current Business Protection Study 2018 , criminal activities have targeted chemical and pharmaceutical companies (74%) and the automotive industry (68%) in particular over the past two years. Machine and plant engineering (67%) as well as communication and electrical technology manufacturers (63%) were also heavily affected. The unreported figure could be even higher: 19% of all 503 industrial companies surveyed suspected such attacks without having traced them in detail.
Data theft, cyberespionage and sabotage caused total damages of €43.3 billion in 2016 and 2017. Most attacks appear to originate from Germany (36%), Russia (24%) and China (18%), followed by Japan and Eastern Europe (17% each) and the USA (15%). Small and medium-sized enterprises (SMEs) in particular are negligent in reacting to the growing threats: according to a survey by Willis Towers Watson , an international insurance broker, most SMEs do not have their own security strategy and lack information about both the scope and protection offered by this type of cyber-insurance policies.