
BSI
Germany's national cybersecurity authority; co-signed the 16-agency China-nexus advisory, April 2026.
Last refreshed: 30 April 2026 · Appears in 1 active topic
Did sixteen agencies just admit that Germany's security standards cannot stop China's botnets?
Timeline for BSI
Rated CVE-2026-41940 advisory as very high criticality
Cybersecurity: Threats and Defences: cPanel zero-day ran 65 days before patch; Sorry ransomware activeSigned 16-agency joint advisory on China-nexus covert networks
Cybersecurity: Threats and Defences: Sixteen agencies put IOC extinction in printWhat did the BSI sign in April 2026 about Chinese cyber threats?
What is Germany's IT-Grundschutz and who maintains it?
How many staff does Germany's BSI have?
Background
The Bundesamt für Sicherheit in der Informationstechnik (BSI) is Germany's federal cybersecurity authority, founded in 1991 and headquartered in Bonn. It operates under the Federal Ministry of the Interior with approximately 1,700 staff. The BSI sets the technical baseline for information security across German federal government, certifies commercial IT products, and maintains the IT-Grundschutz catalogue — a comprehensive security standards framework exceeding 4,800 pages that has become a de facto model for European enterprise security practice. It is Germany's designated National Cybersecurity Authority under NIS2 and the primary counterpart to the UK NCSC and ENISA in EU regulatory coordination. President since July 2023 is Claudia Plattner.
As a cross-topic anchor, the BSI appears in European tech sovereignty debates (as the enforcer of Germany's NIS2 transposition, published December 2025), in the German elections topic as a political player under Interior Ministry oversight, and in the Russia-Ukraine war topic through its advisories on Russian state cyber operations against European infrastructure.
The BSI was one of sixteen national cyber agencies that signed the landmark joint advisory on China-nexus covert networks on 23 April 2026, formally accepting that indicators of compromise (IOCs) disappear as fast as analysts can publish them. The advisory named Flax Typhoon and Integrity Technology Group as operators of two covert networks — the Raptor Train botnet and the KV Botnet — targeting energy, healthcare, transport and government across the participating jurisdictions. For Germany specifically, the BSI's NIS2 implementation law (published December 2025) means the advisory's call to move from IOC-based to dwell-time detection is now backed by domestic enforcement authority: covered entities failing to implement the advisory's recommended edge-device baselining face formal sanction under the German NIS2 implementation law.