Germany approves draft law expanding cyber defense powers for federal authorities

Germany’s federal cabinet has approved draft legislation that would expand cyber defence capabilities for three federal agencies, the Federal Office for Information Security (BSI), the Federal Criminal Police Office (BKA), and the Federal Police (Bundespolizei), as part of a broader effort to strenghten the country’s response to cyber threats.

Under the proposal, authorities would be able to block or disrupt software and server infrastructure used in cyberattacks, including systems located outside Germany. The BSI would also receive expanded authority to collect, store, and analyse data to detect activities indicative of attack preparation. Telecommunications providers and major digital platforms would be required to relay BSI warnings about identified threats directly to users.

The government describes the measures as ‘active cyber defence,’ arguing that they are intended to stop or disrupt ongoing attacks rather than conduct retaliatory cyber operations. Current practice involves redirecting attacks to isolated network areas; the new framework would instead authorize direct action against attacker-controlled systems.

According to the Federal Situation Report on Cybercrime 2025, presented by Federal Interior Minister Alexander Dobrindt and the Vice President of the Federal Criminal Police Office, Martina Link, Germany is among Europe’s most frequently targeted countries for cyberattacks.

Federal authorities in Germany have documented sustained campaigns against industrial companies, small and medium-sized enterprises, research institutions, government bodies, and political parties, with a portion attributed to state-affiliated actors.

The draft will now proceed to parliamentary debate. It requires a legislative vote before entering into force.

Why does it matter?

The proposal reflects a broader shift among governments toward more proactive cybersecurity strategies as cyberattacks become increasingly frequent and sophisticated. Rather than focusing solely on defending networks, authorities are seeking legal powers to disrupt malicious infrastructure before attacks cause significant harm.

The legislation also raises important questions about the scope of state cyber powers, oversight mechanisms, and the legal implications of taking action against infrastructure located outside national borders. If adopted, it would mark one of Germany’s most significant cybersecurity policy changes in recent years.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our chatbot!