Over half of all companies in Germany have been affected by spying, sabotage or data theft in the last two years, says an industry association. It estimated that the attacks cost the firms about 55 billion euros a year.
Some 53 percent of companies in Germany have been victims of industrial espionage, sabotage or data theft in the last two years, up from 51 percent in a 2015 study, the German IT industry association Bitkom said on Friday.
Bitkom President Achim Berg said the companies had incurred a loss of around 55 billion euros per year. "An incredibly high sum," he told reporters.
The survey included responses from 1,069 managers and people responsible for security in various sectors.
"The high number of companies affected clearly shows that we still have work to do on cybersecurity in Germany," Arne Schoenbohm, president of Germany's BSI federal cyber agency, said.
Many big companies and especially those operating critical infrastructure are generally well-prepared for cyber attacks. But many smaller and medium-sized companies did not take the threat seriously enough, Schoenbohm said.
Some 62 percent of the companies affected found those behind the attacks were either current or former employees. 41 percent blamed competitors, customers, suppliers or service providers for the attacks, Bitkom said.
Foreign intelligence agencies were identified in 3 percent of the cases, it said.
21 percent believed hobby hackers were responsible while 7 percent attributed attacks to organized crime.
According to the report, e-mails, financial data and customer data were all stolen during the attacks on companies. In 11 percent of the cases, the attackers accessed patents or information from research and development, and in 10 percent it was employees' files. Moreover, devices such as notebooks and smartphones were stolen.
The companies even reported sabotage that hit production. And there were instances of listening in on telephone calls and meetings, as well as the theft of documents, samples and components. Several high-profile attacks have occurred recently, such as the WannaCry ransomware attacks in May and a virus dubbed "NotPetya" that halted production at some companies for more than a week.
But most companies do not report the attacks to the authorities, German newspaper Die Welt reported.