Cybercrime caused €202.4 billion in damage to the German economy in 2025. That figure equals around 4.5 percent of Germany’s GDP.
The Federal Ministry of the Interior (Bundesministerium des Innern, BMI) and the Federal Criminal Police Office (Bundeskriminalamt, BKA) published the findings in the annual national cybercrime situation report on May 12, 2026.
Two-thirds of the approximately 334,000 recorded cybercrime cases in 2025 were carried out from abroad or from unknown locations.
AI is changing how cyber crimes work
The report identifies artificial intelligence as a significant accelerator of cybercrime. Criminals use AI to make attacks faster, more targeted, and harder to detect. The specific ways AI is being applied:
- Phishing attacks now produce grammatically correct, personalized messages in German. Earlier waves of phishing were easier to spot because of poor language quality.
- Reconnaissance identifying weaknesses in target systems is being automated using AI tools. Attackers can scan for vulnerabilities at speeds and scales previously impossible for smaller criminal groups.
- Lowering the entry barrier. AI-assisted tools mean less technical knowledge is required to carry out an attack. This is expanding the pool of people capable of committing cybercrime.
Interior Minister Alexander Dobrindt stated at the publication of the report that security authorities must be able to “strike back” digitally, and that the state cannot afford to be a passive observer in the digital space.
Ransomware and DDoS attacks are rising
- Ransomware (software that encrypts a victim’s data and demands payment for the decryption key) remains the most economically damaging type of cybercrime. In 2025, German authorities recorded 1,041 ransomware attacks. This is a 10% increase over the previous year. Companies and public bodies were the main targets. The average ransom payment increased significantly; the total paid across all reported cases was around $15.5 million.
- DDoS attacks (distributed denial-of-service attacks that flood a server with requests until it collapses) rose by 25% to 36,706 cases in 2025. Many of these were carried out by hacktivists with political motivations. The group “NoName057(16)” was identified as a key actor, launching attacks against German institutions in response to Germany’s support for Ukraine. German and international law enforcement conducted “Operation Eastwood” to dismantle parts of that group’s infrastructure.
How can you protect yourself from these cybercrimes?
- Use strong, unique passwords for German banking, tax, and employer portals. A password manager helps.
- Enable two-factor authentication (2FA) on any account that offers it, especially for email and banking accounts.
- Be suspicious of any email or SMS in German that asks you to click a link or confirm payment details.
- If you run a business, contact the local Central Contact Point for Cybercrime (Zentrale Ansprechstelle Cybercrime, ZAC) at www.polizei.de/zac for guidance on protective measures.
- Check the BSI (Bundesamt für Sicherheit in der Informationstechnik) website at www.bsi.bund.de for up-to-date guidance for individuals and businesses.
