The federal government has passed the National Security Strategy, which aims to address the controversial issue of fighting back in cyberspace. The government rejects hackbacks as a means of cyber defense but is working to create a federal competence to avert serious cyber attacks by amending the Basic Law. The government wants to focus on defending against ongoing or imminent cyber attacks while maintaining proportionality and international law. This could involve taking down infrastructure for encryption trojans like Emotet. The government is taking preventive action to stop future cyber campaigns, which is not considered hackbacks in the narrowest sense. Retaliatory actions and hacking into foreign computer systems would be illegal. The government has been criticized for not defining the terms it uses and for not involving civil society in cybersecurity efforts. The amendment to the Basic Law is also a challenge as responsibility for averting danger in cyberspace currently lies with the federal states. The government emphasizes the need to influence IT infrastructures used for attacks and states that Germany will not tolerate illegal behavior by cyber actors. The government calls for greater risk awareness and responsibility from companies and civil society in terms of cybersecurity. In the event of a crisis, cyber attacks on critical infrastructure and companies can quickly become an existential threat. The Bitkom industry association criticizes the strategy for neglecting cyberspace.
